Subject: Re: systrace features?
To: Charles Blundell <>
From: Daniel Carosone <>
List: tech-security
Date: 09/24/2003 20:09:37
On Wed, Sep 24, 2003 at 10:51:33AM +0100, Charles Blundell wrote:
> Hm, if you're running a process with:
> 	systrace -ak blah
> why have netbsd-fswrite for /etc/master.passwd at all?

-k says (to me) "assume action = kill" for anything not in the policy

I might still want a line like the above in the policy, when the
default is for "deny" - just as I might put an explicit "deny" in
the policy to prevent the default "kill" when running with -k.

maybe it's not worth the effort, but it seems like a useful symmetry.

> As David suggested, there could be something useful in a core dump,
> but I am not so sure about specifying this per explicit policy rule.