Subject: Re: systrace features?
To: Sam Leffler <>
From: Charles Blundell <>
List: tech-security
Date: 09/24/2003 12:36:37
on Tue, Sep 23, 2003 at 08:19:07PM -0700, Sam Leffler wrote:
> You should learn about the ROC project going on at UCBerkeley/Stanford.
> Part of that work is a tool for fault injection testing of systems.
> 	<>
> Look for FIG on Pete Broadwell's page.

FIG works at the libc level, as far as I can tell. (although their
test results were with syscalls.)
This works at the syscall level, so we don't need to use LD_PRELOAD,
and may also turn up bugs in libc.

Of course this is nothing new; my main reason for writing it
was to see if it would improve generated policies.

Jose Nazario wrote a program for fault injection using systrace:


but by having the logic in systrace we can allow successive calls to
work, then have one fail. (so we can probe deeper into the code.)