Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Highly Portable Sandbox Facility For OpenBSD

Posted by timothy on from the hey-you-kids-can't-go-in-there dept.

An Anonymous Coward writes: "A new facility called 'systrace' has been developed by one of the OpenBSD developers. It allows enforcement of system call policies on untrusted binaries. For now it is only available OpenBSD-current, but the author claims it is highly portable and can easily be integrated into GNU/Linux systems. Eventually binary-only software is going to become more and more common in Linux, so this could be a another 'Good Thing(TM)' from the paranoids that brought us OpenSSH."

3 of 40 comments (clear)

  1. BSD vs. Linux by Anonymous Coward · · Score: 0, Funny

    BSD vs Linux:

    They say a picture is worth 1000 words. I'll let the pictures do the talking.

    Look who shows up when BSD users get together. Now look what happens when Linux users get together. That's right! They immdiately start buggering each other! This picture shows the reaction of the receiver of such activity. A smile from ear to ear.

    Note the look of disgust when a member of the BSD crowd actually has to look at a Linux user. Truly truly sad.

    1. Re:BSD vs. Linux by Anonymous Coward · · Score: 2, Funny

      "BSD: We've got hot babes."

  2. Re:How does this compare to Jail? by Anonymous Coward · · Score: 1, Funny

    They have IIS, Exchange, and Internet Explorer running wholly in kernel space.

    Running programs as SYSTEM makes them fast!
    Whoops!
    Where's all my files!
    I are hacked!