Subject: Re: trusted BSD?
To: None <tls@rek.tjls.com>
From: Simon Gerraty <sjg@juniper.net>
List: tech-security
Date: 08/08/2005 10:56:14
On Mon, 8 Aug 2005 11:15:11 -0400, Thor Lancelot Simon writes:
>I think this is the wrong way to go.  I think that it would be much better
>to associate systrace policies with executables using verified exec, as

I've been thinking of that too, but my colleagues haven't been convinced
that systrace is the right answer.  Anyone got some example systrace
configs that show for instance how ping can run without setuid and still
work - and preferably not being run via a setuid wrapper?

--sjg