Re: systrace: vi policy

2006-11-12 Thread Ben Calvert
On Sun, 12 Nov 2006 12:15:39 -0600 (CST) Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote:
> Original message
> >Date: Sun, 12 Nov 2006 10:26:10 -0500
> >From: Okan Demirmen <[EMAIL PROTECTED]>
> >Subject: Re: systrace: vi policy
> >To: misc@openbs

Re: systrace: vi policy

2006-11-12 Thread Okan Demirmen
On Sun 2006.11.12 at 12:15 -0600, Jacob Yocom-Piatt wrote:
> Original message
> >Date: Sun, 12 Nov 2006 10:26:10 -0500
> >From: Okan Demirmen <[EMAIL PROTECTED]>
> >Subject: Re: systrace: vi policy
> >To: misc@openbsd.org
> >
> >On Sun

Re: systrace: vi policy

2006-11-12 Thread Jacob Yocom-Piatt
Original message
>Date: Sun, 12 Nov 2006 10:26:10 -0500
>From: Okan Demirmen <[EMAIL PROTECTED]>
>Subject: Re: systrace: vi policy
>To: misc@openbsd.org
>
>On Sun 2006.11.12 at 08:55 -0600, Jacob Yocom-Piatt wrote:
> >consider sorting your policies...a

Re: systrace: vi policy

2006-11-12 Thread Okan Demirmen
On Sun 2006.11.12 at 08:55 -0600, Jacob Yocom-Piatt wrote:
consider sorting your policies...also, try to be more generic in other places, for example, match "/usr/lib/libc.so.*"
> Policy: /usr/bin/vi, Emulation: native
> native-issetugid: permit
> native-mprotect: permit
>

systrace: vi policy

2006-11-12 Thread Jacob Yocom-Piatt
i've read through all the docs that i can find on systrace policy generation and enforcement and have hit a snag when trying to generate a working policy for vi that restricts the files that can be read and written by a user. the policy is generated by running "systrace -A vi test.txt" for an unpri