Subject: Re: systrace(4) policies in pkgsrc
To: Blair Sadewitz <email@example.com>
From: Greg Troxel <firstname.lastname@example.org>
Date: 11/14/2006 09:57:44
Does anyone have any ideas on how systrace policies for packages could
be implemented in pkgsrc?
That sounds interesting, and I see 3 issues to address:
1) How to make a policy that is appropriate for multiple systems (I'm
not sure how many systems have systrace and are supported by
pkgsrc). This is either very hard, or can be done just for NetBSD.
2) Whether/how to install them. [/usr/pkg/share/systrace/pkgname ?]
3) Whether/how to enable them automatically. This may be hard, but if
1 and 2 are solved, most of the value can be achieved