On Thu, Oct 11, 2007 at 08:54:42PM +0200, Xavier Mertens wrote:
> Hi *,
>
> I'm busy with a systrace/stsh implementation but there is a lack of standard
> policies (IMHO). Any idea where I can find some ready-to-use policies?
>
> I must be missing some important ones, when the user logs in, he got
> immediately
> the following error:
>
> systrace: getcwd: Permission denied
You should probably do a Google search on systrace before continuing
further down this road. In particular, I believe the issue highlighted
by Robert Watson has not been fixed yet (although I could be wrong, and
would be happy to be wrong in this case).
Otherwise, I seem to recall a repository of configurations called 'hairy
eyeball'. And the interactive policy generators (xsystrace for instance)
can be pretty useful, too.
Joachim
--
TFMotD: eqn (1) - format equations for troff
