19 pages


Systrace is a tool that enforces system call policies for applications, constraining their access to the system and improving cybersecurity through intrusion prevention. It generates policies interactively, allowing users to refine them as needed. Systrace can be used to sandbox untrusted binary applications, limiting their access to the system. It also offers features like system call argument rewriting, remote monitoring and intrusion detection, non-interactive policy enforcement, and privilege elevation. This helps to monitor daemons on remote machines, enforce policies automatically, and eliminate the need for setuid or setgid binaries.