blob: 5dda8e1a34ebcccd693969cae4b79a233649a27e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
GTK frontend for systrace.
Systrace enforces system call policies for applications by constraining
the application's access to the system. The policy is generated
interactively. Operations not covered by the policy raise an alarm
and allow an user to refine the currently configured policy.
For complicated applications, it is difficult to know the correct
policy before running them. Initially, Systrace notifies the user
about all system calls that an applications tries to execute. The
user configures a policy for the specific system call that caused
the warning. After a few minutes, a policy is generated that allows
the application to run without any warnings. However, events that
are not covered still generate a warning. Normally, that is an
indication of a security problem. Systrace improves cyber security
by providing intrusion prevention.
With systrace untrusted binary applications can be sandboxed.
Their access to the system can be restricted almost arbitrarily.
Sandboxing applications available only as binaries is only sensible
as it is not possible to directly analyze what they are designed
to do. However, constraining the system calls large open-source
applications are allowed to execute is useful too as it is very
difficult to determine their correctness.
System call arguments can be rewritten dynamically. This effects
a virtual chroot for the sandboxed application. It also prevents
race conditions in the argument evaluation.
|