[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-misc
Subject:    Re: a truly openbsd day
From:       Theo de Raadt <deraadt () cvs ! openbsd ! org>
Date:       2005-10-31 22:05:49
Message-ID: 200510312205.j9VM5nAA006807 () cvs ! openbsd ! org
[Download RAW message or body]

> I'd love to see a bootable OpenBSD desktop CD with all applications
> tightly wrapped by systrace, so I don't need to recreate and redistribute
> the boot disk after each new Firefox, GAIM, etc exploit.

It is really unfortunate that I have never seen a perfect systrace
policy.  Not once.

Not even for small programs like ping.

People just don't like what system calls libraries do on their behalf.
It is really quite depressing.

So people end up using systrace to break their applications further.

[prev in list] [next in list] [prev in thread] [next in thread]