Ted Unangst wrote on 01/09/2006 23:54:
>> isn't it limited to a deny (returning an errorcode) ? so how ?
>>
>> native-getuid: permit
>>
>> native-getuid: permit[0] => error
>> native-getuid: permit as root => error
> 
> yeah, actually i think you want "as root", but for geteuid or whatever
> the right syscall is.
> 

i don't get it ???

"native-getuid: permit as root" doesn't work in a systrace policy

$ sudo /bin/systrace -a -c 556:556 /usr/local/sbin/fping localhost
syntax error
/etc/systrace/usr_local_sbin_fping:24: syntax error.
Segmentation fault

and same for adding a return code to permit.

nobody with systrace privilege elevation and fping ?

thanks
Regards

                Julien
