On Tue, Feb 03, 2009 at 06:39:43AM -0800, Nick wrote:
> Could someone advise me the best way to constrain an application from
> performing unwanted activities? (e.g. if someone in an irc chan was able to
> hijack my irssi app to read personal files).
You could try the ppriv(1) command (using -s) a
> Could someone advise me the best way to constrain an application from
> performing unwanted activities? (e.g. if someone in an irc chan was able to
> hijack my irssi app to read personal files).
The ultimate containment vessel is a Zone. Build a zone with just
the files you wa
Many thanks for the speedy reply. I'll look at ppriv. As for irssi,
I'm not suggesting that it *is* buggy, but more generally was thinking
along the lines of applications which I'd like to keep on a
short-leash lest they over step their mark.
Cheers,
Nick
--
This message posted from opensolaris.
Could someone advise me the best way to constrain an application from
performing unwanted activities? (e.g. if someone in an irc chan was able to
hijack my irssi app to read personal files).
I currently run apps like irssi as a dedicated, unprivileged user. On OpenBSD,
I've used systrace to def
