LWN.net Logo

Systrace on linux insecure?

Systrace on linux insecure?

Posted May 7, 2004 17:58 UTC (Fri) by happynut (subscriber, #4117)
In reply to: OpenBSD 3.5: a peek at another free Unix by oak
Parent article: OpenBSD 3.5: a peek at another free Unix

I used to use systrace, but it was recently booted out of Gentoo:

http://bugs.gentoo.org/show_bug.cgi?id=45961

There is a described root vulnerability in the 2.4 kernel, and several more claimed:

http://seclists.org/lists/fulldisclosure/2004/Mar/1363.html

Its too bad, because systrace was much more understandable (to me) than selinux; its not as comprehensive, but it lets you easily "lock down" services on a host.


(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.