Subject: Re: Limiting systrace to root user?
To: Hubert Feyrer <firstname.lastname@example.org>
From: Thor Lancelot Simon <email@example.com>
Date: 03/29/2005 10:35:19
On Tue, Mar 29, 2005 at 05:03:04PM +0200, Hubert Feyrer wrote:
> On Tue, 29 Mar 2005, Thor Lancelot Simon wrote:
> >Has anyone made the necessary changes to do this, or thought about this
> >issue harder?
> No, but I guess systracing /bin/systrace is too easy?
I am pretty sure that doesn't work. /bin/systrace isn't setuid; any
user can invoke the systrace machinery in the kernel even if you
remove /bin/systrace entirely.
Thor Lancelot Simon firstname.lastname@example.org
"The inconsistency is startling, though admittedly, if consistency is to be
abandoned or transcended, there is no problem." - Noam Chomsky