Featured image of post Systrace 1.6: Phoenix Release

Systrace 1.6: Phoenix Release

This release allows Systrace to run on Linux without requiring kernel changes.

Phoenix Release

After over three years of quiet life, Systrace 1.6: Phoenix Release is available. This release allows Systrace to run on Linux without requiring kernel changes. The regular Systrace backend has been emulated with ptrace and supports most Systrace features. Emulation of threading and signal mask computation are not implemented yet.

Systrace Background

Systrace enforces system call policies for applications to enhance cybersecurity by constraining their access to the system. Policies can be generated interactively or learned automatically, with minimal manual post-processing if necessary. Systrace alerts users about any unapproved system calls, which can then be added to the policy or flagged as a security concern. It is particularly useful for sandboxing untrusted binary applications or large open-source applications, as it is challenging to directly analyze or determine their correctness. Additionally, Systrace enables dynamic rewriting of system call arguments, providing a virtual chroot for sandboxed applications and preventing race conditions in argument evaluation.

Last updated on Mar 25, 2006 01:05 UTC
The views expressed on these pages are my own and do not represent the views of anyone else.
Built with Hugo - Theme Stack designed by Jimmy