Niels Provos

A bug in systrace_exit() on NetBSD-current can be exploited to get local root privileges. Update your kernel if you are are running NetBSD-current.

Monkey.org has been nice enough to set up a Systrace Mailing List. The web interface can be used to manage subscriptions and check the archives. The mailing list is not very busy but annoucement are usually posted there first.

Marius Eriksen implemented a new feature called Cradle Mode. In Cradle Mode, it is possible to detach the UI and reattach it again elsewhere. This is useful for system administrators who need to manage machines remotely.

Dug Song provides the source code for Monkey.org's systrace shell wrapper. It is used to systrace all user accounts on Monkey.org from the login shell. See his post for more information.

Michael Lucas posted an introductory article on creating policies for Systrace. He gives a brief overview on how system calls work and then goes into explaining the Systrace policy creation for named. If you are a new to Systrace this is a good article to read.