Subject: Re: Limiting systrace to root user?
To: Hubert Feyrer <>
From: Thor Lancelot Simon <>
List: tech-security
Date: 03/29/2005 10:35:19
On Tue, Mar 29, 2005 at 05:03:04PM +0200, Hubert Feyrer wrote:
> On Tue, 29 Mar 2005, Thor Lancelot Simon wrote:
> >Has anyone made the necessary changes to do this, or thought about this
> >issue harder?
> No, but I guess systracing /bin/systrace is too easy?

I am pretty sure that doesn't work.  /bin/systrace isn't setuid; any
user can invoke the systrace machinery in the kernel even if you
remove /bin/systrace entirely.

 Thor Lancelot Simon	                            

"The inconsistency is startling, though admittedly, if consistency is to be
 abandoned or transcended, there is no problem."		- Noam Chomsky