Categories

19 pages

Systrace

Systrace is a tool that enforces system call policies for applications, constraining their access to the system and improving cybersecurity through intrusion prevention. It generates policies interactively, allowing users to refine them as needed. Systrace can be used to sandbox untrusted binary applications, limiting their access to the system. It also offers features like system call argument rewriting, remote monitoring and intrusion detection, non-interactive policy enforcement, and privilege elevation. This helps to monitor daemons on remote machines, enforce policies automatically, and eliminate the need for setuid or setgid binaries.

Evading System Sandbox Containment

Local Privilege Escalation

Systrace 1.6d

Linux kernel systrace patch set

HowTo: Translating a New System Call

More Linux Ptrace fixes

Systrace 1.6: Phoenix Release

Systrace 1.6: Phoenix Release