similar to: Is DTrace Vulnerable?

I'm porting the most recent version of Neil Provos' systrace to FreeBSD 5.1. I'm sending him the diffs to integrate into his distribution. I'd also like to submit them to someone with FreeBSD for consideration, and hopefully inclusion as a port or whatever you prefer. Who could I send them to, or what would you prefer me to do with regard to FreeBSD? Thanks, Rich Murphey

I''d like to see if we can use DTrace to as the kernel implementation of the BSD systrace security policy system (http://www.systrace.org). I don''t really want to port systrace to Solaris because I think with DTrace we already have all the necessary in kernel hooks to do this. With systrace you express things like: "httpd can bind to port 80 but not any other port, it

hi, --> i have 8cores cpu. but my xenserver is using only one cpu, how to make use of all cpu cores --> machine is having 16G ram but domain0 is having very less memory. is there any way to increase memory for domain0 [root@xenserver-DZONGRI ~]# cat /proc/meminfo MemTotal: 574464 kB MemFree: 111776 kB Buffers: 9500 kB Cached: 117320 kB SwapCached: 100

Hi, I looking forward to integrate Rail3 application with SourceForce. Any help in this regard is appreciated. Thanks, Balakrishna -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send

Hi, OpenSSH 5.9 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains a couple of new features and changes and bug fixes. Testing of the new sandboxed privilege separation mode (see below) would be particularly appreciated. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The

hi, i tried to install solaris 10 update 9 on xenserver 5.6 when i start the virtual machine it throws error "HVM is required for this operation" how can i install solaris on xenserver5.6, please help me. thanks balakrishna _______________________________________________ Xen-users mailing list Xen-users@lists.xensource.com http://lists.xensource.com/xen-users

hi every one, i have a excel sheet like this labels starts ends 1 first task 1-Jan-04 3-Mar-04 2 second task 2-Feb-04 5-May-04 3 third task 3-Mar-04 6-Jun-04 4 fourth task 4-Apr-04 8-Aug-04 5 fifth task 5-May-04 9-Sep-04 now i converted this excel sheet into csv file and i read the csv file into R with the below code. my.gantt.info<-read.csv("C:/Documents and

Hi, The systrace and rlimit sandboxes have been committed and will be in snapshots dated 20110623 and later. This diff adds support for pre-auth privsep sandboxing using the OS X sandbox_init(3) service. It's a bit disappointing that the OS X developers chose such as namespace-polluting header and function names "sandbox.h", "sandbox_init()", etc. It already forced me to

Hey, Do you guys think that is a good idea to have a manual page for each provider with a complete description of what probes are offered ? Found some already under 7D category: dtrace dtrace (7d) - DTrace dynamic tracing facility fasttrap fasttrap (7d) - DTrace user instruction tracing provider fbt fbt (7d) - DTrace function boundary tracing provider

I have a number of systems running solaris10 and i see the package and binary for dtrace installed however whenever we try to run anything we get this error dtrace: failed to initialize dtrace: DTrace device not available on system the only system in which i dont have this error is the development server that has the full solaris 10 install while others are minimized, do i need additional

Hello together, since upgrading on samba 3.0.x (issue happens with all 3.0. release) the cpu-load on my samba PDC ist constantly near 100%. The cpu power ist consumed by all running smb-processes. Systrace shows me that the smb processes tried to access to /etc/passwd on a permanent basis. My question is: Why tries samba to access etc/passwd so often and produces this high cpu-load? Regards,

OpenSSH 5.9 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,

OpenSSH 5.9 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches,

I build two zfs filesystems using b29 (from brandz). I then re-installed solaris express b28, preserving the zfs filesystems. When I tried to "zpool import" my zfs filesystems I got a kernel panic: > debugging crash dump vmcore.0 (32-bit) from blackbird > operating system: 5.11 snv_28 (i86pc) > panic message: > ZFS: bad checksum (read on /dev/dsk/c1d0p0 off 24d5e000: zio

I may not agree with everything they say, such as ISPConfig (I prefer webmin) but this tutorial offers a "step by step opportunity for newbies". Does this indicate that CentOS is now a "mainstream" distro? (Technically speaking its not CentOS 4.3 but CentOS 4 Update 3 but we are not into semantics). Article on Slash :- http://linux.slashdot.org/linux/06/05/01/1049254.shtml

Hi, I encountered a problem using Dovecot (todays CVS, 11/10/2005) with libsafe, systemwide install. Dovecot silently dies. Here is the end of the systrace output I got: bind(6, {sin_family=AF_INET, sin_port=htons(143), sin_addr=inet_addr("0.0.0.0")}}, 16) = 0 getsockname(6, {sin_family=AF_INET, sin_port=htons(143), sin_addr=inet_addr("0.0.0.0")}}, [16]) = 0 listen(6, 8)

Hi, would anyone know a soft to firewall outbound connections (applications phoning home, etc...). It would detect an unknown (to him) app that tries to connect to the outside world and it would popup a allow/deny request...AppArmor might be a bit overkill... Anyone have any experience with Systrace, TuxGuardian or Zorp GPL...? Thx, JD

https://bugzilla.mindrot.org/show_bug.cgi?id=2419 Bug ID: 2419 Summary: SECCOMP filter does not accept getpgid syscall Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd Assignee: unassigned-bugs at

Hello! We are proudly announce that CerbNG-1.0 Release Candidate 2 is now avaliable. There are many changes from RC1 (many new functionalities, some bug fixes, new interesting policies, new regression tests and more). It seems that CerbNG is stable for now, so we hope that the next version is going to be final 1.0 series release. We count on feedback from FreeBSD community in founding bugs (if

Hello! We are proudly announce that CerbNG-1.0 Release Candidate 2 is now avaliable. There are many changes from RC1 (many new functionalities, some bug fixes, new interesting policies, new regression tests and more). It seems that CerbNG is stable for now, so we hope that the next version is going to be final 1.0 series release. We count on feedback from FreeBSD community in founding bugs (if