Re: A new kind of security needed

Poul-Henning Kamp wrote:
In message <200807241639.m6OGda4b004216@xxxxxxxxxxxxxxxxxxxx>, Matthew Dillon w
Doesn't OpenBSD have a syscall filtering mechanic where one can restrict
the file paths the program is allowed to access?

Yes they do.

Really smart


programs modify the strings after the check and get
to access the files anyway.

though it's not always successful.

It's kind of strange that they don't just copyin the name.

freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"