On Sun 2006.11.12 at 12:15 -0600, Jacob Yocom-Piatt wrote: > ---- Original message ---- > >Date: Sun, 12 Nov 2006 10:26:10 -0500 > >From: Okan Demirmen <[EMAIL PROTECTED]> > >Subject: Re: systrace: vi policy > >To: misc@openbsd.org > > > >On Sun 2006.11.12 at 08:55 -0600, Jacob Yocom-Piatt wrote: > > > >consider sorting your policies...also, try to be more generic in other > >places, for example, match "/usr/lib/libc.so.*" > > > >> >> native-fswrite: filename eq "/tmp/*" then permit > > > >use match > > > > okan, > > that did the trick, thx for the syntax advice. is there any particular utility > you recommend for sorting the syscalls?
no problem. not to state the obvious, but use sort(1). call it within your favorite editor ;) cheers.
