pkgsrc.se | The NetBSD package collection

NOTICE: This package has been removed from pkgsrc

./security/gtk-systrace, GTK interface to systrace(1)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ]

Branch: CURRENT, Version: 20021201nb5, Package name: gtk-systrace-20021201nb5, Maintainer: pkgsrc-users

Systrace enforces system call policies for applications by constraining the
application's access to the system. The policy is generated interactively.
Operations not covered by the policy raise an alarm and allow an user to refine
the currently configured policy.

For complicated applications, it is difficult to know the correct policy before
running them. Initially, Systrace notifies the user about all system calls that
an applications tries to execute. The user configures a policy for the specific
system call that caused the warning. After a few minutes, a policy is generated
that allows the application to run without any warnings. However, events that
are not covered still generate a warning. Normally, that is an indication of a
security problem. Systrace improves cyber security by providing intrusion
prevention.

With systrace untrusted binary applications can be sandboxed. Their access to
the system can be restricted almost arbitrarily. Sandboxing applications
available only as binaries is only sensible as it is not possible to directly
analyze what they are designed to do. However, constraining the system calls
large open-source applications are allowed to execute is useful too as it is
very difficult to determine their correctness.

System call arguments can be rewritten dynamically. This effects a virtual
chroot for the sandboxed application. It also prevents race conditions in the
argument evaluation.

Required to run:
[x11/gtk]

Required to build:
[pkgtools/x11-links]

Master sites:

http://www.citi.umich.edu/u/provos/systrace/ (Download)

SHA1: f59c9224ce6d1068feec7e5c1c03d65c2f65c1d1
RMD160: f0e70327ebeac920ab2d01cf2dedf385de8d4eac
Filesize: 71.396 KB

Version history: (Expand)

(2015-07-26) Package deleted from pkgsrc
(2011-04-22) Updated to version: gtk-systrace-20021201nb5
(2006-02-06) Updated to version: gtk-systrace-20021201nb4
(2005-10-05) Package added to pkgsrc.se, version gtk-systrace-20021201nb3 (created)

CVS history: (Expand)

2015-07-25 20:27:34 by David A. Holland | Files touched by this commit (6) | Package removed

Log message:
More systrace

2015-07-12 08:52:58 by David A. Holland | Files touched by this commit (1) | Package updated

Log message:
systrace was removed in NetBSD 5.0; update ONLY_FOR_PLATFORM accordingly.
(probably this package should be removed entirely)

2013-04-07 22:49:45 by Blue Rats | Files touched by this commit (91)

Log message:
Edited DESCR in the case of:
 File too long (should be no more than 24 lines).
 Line too long (should be no more than 80 characters).
 Trailing empty lines.
 Trailing white-space.
Trucated the long files as best as possible while preserving the most info
contained in them.

2013-01-26 23:02:06 by Thomas Klausner | Files touched by this commit (2)

Log message:
Fix for automake-1.13.

2012-10-23 20:17:02 by Aleksej Saushev | Files touched by this commit (368)

Log message:
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

2011-04-22 15:45:23 by OBATA Akio | Files touched by this commit (2234)

Log message:
recursive bump from gettext-lib shlib bump.

2009-06-14 20:13:41 by Joerg Sonnenberger | Files touched by this commit (154)

Log message:
Remove @dirrm entries from PLISTs

2008-07-14 14:56:20 by Joerg Sonnenberger | Files touched by this commit (563)

Log message:
Mark as destdir ready.