On Sun, 2003-02-09 at 01:21, Han Boetes wrote: > Gustavo Franco <[EMAIL PROTECTED]> wrote: > > > How many possibilities of add systrace[1] in the next release in > > kernel-secure? It's sounds very good and not impact any system > > without a policy configuration.The users that are using > > kernel-secure without expertise won't affected. > > > > [1] = http://www.citi.umich.edu/u/provos/systrace/linux.html > > http://www.systrace.org > > > > Can i request it as feature? Or what? > > I am running OpenBSD current and also systrace. It's a really > nice idea, but the implementation isn't finished yet. It doesn't > have any stability drawbacks on the OpenBSD-kernel. I suppose > it gives some overhead. Yes, the overhead exists.But grsecurity produce some overhead too.Nothing wrong here.
> But before this gets merged into the main-kernel I would prefer > to see some individuals experiment with systrace on the linux > kernel and see what happens. main-kernel? no. secure flavour of the kernel as suggested! > btw, systrace is not really difficult, but to do it right it > isn't really simple either. Without policies, without impact and overhead.Good for people that are using secure flavour without expertise about this subject(systrace).As in grsecurity case. > [...] bye, -- Gustavo Franco <[EMAIL PROTECTED]>