> > I guess the question is: how many people actually use systrace in > > scripts? Probably very very few.
>From yesterday onwards, noone uses it. > I use it in scripts but will look to switching to pledge when I > have time, which I *should* be able to find in the next 6 months, haha. > It is however sometimes insightful as a quick and dirty debugging tool. If you stick to old code, sure. > Unfortunately systrace overhead can be significant for monitoring > complex programs but it could potentially be useful as a part of a > (HIPS or system intrusion or malfunction detection for a secure > server). hmmm, assuming pledge doesn't kill the offending process first, > haha. systrace and pledge did not work together. So that's balony. > I guess pledging /bin/sh may throw up challenges too though I see many > pledges in csh? sh is pledged. > and so is systrace useful there? systrace was removed, so how can it be useful?
