Subject: Re: systrace features?
To: Charles Blundell <firstname.lastname@example.org>
From: Daniel Carosone <email@example.com>
Date: 09/24/2003 20:09:37
On Wed, Sep 24, 2003 at 10:51:33AM +0100, Charles Blundell wrote:
> Hm, if you're running a process with:
> systrace -ak blah
> why have netbsd-fswrite for /etc/master.passwd at all?
-k says (to me) "assume action = kill" for anything not in the policy
I might still want a line like the above in the policy, when the
default is for "deny" - just as I might put an explicit "deny" in
the policy to prevent the default "kill" when running with -k.
maybe it's not worth the effort, but it seems like a useful symmetry.
> As David suggested, there could be something useful in a core dump,
> but I am not so sure about specifying this per explicit policy rule.