Subject: Re: systrace features?
To: None <firstname.lastname@example.org>
From: Charles Blundell <email@example.com>
Date: 09/30/2003 08:26:40
on Mon, Sep 29, 2003 at 12:32:50PM -0400, Niels Provos wrote:
> Fault injection to test error handling is a very useful. However,
> I do not think that it should be part of systrace proper. Currently,
> systrace already allows you to specify a separate frontend. In the
> past, I have written simple shell scripts to introduce random faults
> in system calls using Systrace. Just do something like
> systrace -g ./faultinjectionwrapper cat /etc/myname
Cunning. Ok. scratch -r in systrace.
> > Terminating a process when a system call not in its policy is
> > attempted (only for unsupervised processes.) May help with policy
> > probing attacks, and the problem noted above with kill.
> That may be useful. A kill action by itself may be good, too.
okiedokie. The patch included some modifications which would make a kill
action easier too. I'll do this when I have a bit more time.