After over three years of quiet life,
Systrace 1.6: Phoenix Release is available. This release allows Systrace to run on Linux without requiring kernel changes. The regular Systrace backend has been emulated with ptrace and supports most Systrace features. Emulation of threading and signal mask computation are not implemented yet.
The Phoenix image is from Eric Newport.
A bug in
systrace_exit() on NetBSD-current can be exploited to get local root privileges. Update your kernel if you are are running NetBSD-current.
Monkey.org has been nice enough to set up a
Systrace Mailing List. The web interface can be used to manage subscriptions and check the archives. The mailing list is not very busy but annoucement are usually posted there first.
Marius Eriksen implemented a new feature called Cradle Mode. In Cradle Mode, it is possible to detach the UI and reattach it again elsewhere. This is useful for system administrators who need to manage machines remotely.
Dug Song provides the source code for Monkey.org's
systrace shell wrapper. It is used to systrace all user accounts on Monkey.org from the login shell. See his
post for more information.
Michael Lucas posted an
introductory article on creating policies for Systrace. He gives a brief overview on how system calls work and then goes into explaining the Systrace policy creation for
named. If you are a new to Systrace this is a good article to read.
