From owner-freebsd-hackers  Fri Jul 19 14: 1:22 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 457B537B400
	for <freebsd-hackers@freebsd.org>; Fri, 19 Jul 2002 14:01:19 -0700 (PDT)
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id ED7D243E31
	for <freebsd-hackers@freebsd.org>; Fri, 19 Jul 2002 14:01:17 -0700 (PDT)
	(envelope-from robert@fledge.watson.org)
Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.12.4/8.12.4) with SMTP id g6JL16Oo027219;
	Fri, 19 Jul 2002 17:01:06 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Fri, 19 Jul 2002 17:01:05 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
X-Sender: robert@fledge.watson.org
To: David Malone <dwmalone@maths.tcd.ie>
Cc: Zbyszek Sobiecki <kodz@slonce.com>, freebsd-hackers@freebsd.org
Subject: Re: systrace.
In-Reply-To: <20020719145726.GA73051@walton.maths.tcd.ie>
Message-ID: <Pine.NEB.3.96L.1020719165845.26680A-100000@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

On Fri, 19 Jul 2002, David Malone wrote:

> On Fri, Jul 19, 2002 at 03:50:33PM +0200, Zbyszek Sobiecki wrote:
> > Is there any work done on porting systrace to FreeBSD?
> 
> I started looking at it and began porting it to current. It doesn't look
> too hard. I'll probably get it finished at some stage, but if someone
> else wanted to look at it they should go ahead 'cos I've been a bit busy
> recently. 
> 
> I actually thought that there might be some race conditions in the code
> but didn't have a recent OpenBSD machine to test my theory on. 

I tend to agree, having noticed what is presumably the same problem -- I
chatted with Angelos about it at a recent DARPA PI meeting, and I think we
concluded that the race conditions do exist and may well be exploitable.
Someone dropped me an e-mail saying they had done a port, but I was on
travel at the time so didn't respond--I think it would be useful to look
into integrating it, but the race conditions do need to be closed.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Network Associates Laboratories



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message