Slashdot Mirror

← Back to Stories (view on slashdot.org)

Systrace for Mac OS X

Posted by pudge on from the monkeying-around dept.

Niels Provos writes in that he has added Mac OS X support for Systrace, a sandboxing/application confinement tool that can be used to increase application and service security. It installs a new kernel to support /dev/systrace and the Systrace application, and a Cocoa frontend.

2 of 23 comments (clear)

  1. Replace my kernel?, but I like my kernel by Kplusplus · · Score: 5, Interesting

    My only qualm is where is this kernel coming from and why is there no other way to run this then with a specially built kernel. Im sorry to say, but I can't just trust anything that replaces my kernel, no matter who it comes from when that person isn't my OS vendor.

    Is it impossible to get teh same thing done with a kernel extension?

    --
    -"I'm one of those Mac people that will break a bottle on the bar and hold it to your throat for bad-mouthing my system"
  2. Re:system call tracing needs to become standard by Rich_Morin · · Score: 2, Interesting

    I would very much like to see OSX ship with truss; in particular, I would like it to be the Solaris-style truss that can trace descendents of processes, etc. (The FreeBSD version is only a pale shadow of this.) Anyone who agrees with this wish might want to send a note to devbugs@apple.com, supporting Problem ID #3121601.

    --
    Technical editing and writing, programming, and web development