---- Original message ---- >Date: Sun, 12 Nov 2006 10:26:10 -0500 >From: Okan Demirmen <[EMAIL PROTECTED]> >Subject: Re: systrace: vi policy >To: misc@openbsd.org > >On Sun 2006.11.12 at 08:55 -0600, Jacob Yocom-Piatt wrote: > >consider sorting your policies...also, try to be more generic in other >places, for example, match "/usr/lib/libc.so.*" > >> >> native-fswrite: filename eq "/tmp/*" then permit > >use match >
okan, that did the trick, thx for the syntax advice. is there any particular utility you recommend for sorting the syscalls? cheers, jake
