On Sun, Jan 29, 2006 at 12:40:58PM +0200, Elad Efrat wrote:
> btw: can you identify one crucial problem with systrace and selinux?

With SELinux: adhoc-ruleset not backed by the implementation.
With systrace: inability to restrict access based on the location of a
file when you don't know the restriction in advance.

Beside, we had this discussion before, be careful when mixing unrelated
technologies and implementation details :-)

Joerg