[Systrace] tuning systrace policy for expect
Ray
ray at cyth.net
Wed May 11 11:47:51 EDT 2005
On Tue, May 10, 2005 at 10:59:40AM +0200, Kim Onnel wrote:
> native-fsread: filename eq "/home" permit
This line should be:
native-fsread: filename eq "/home" then permit
Because this line failed, all lines below that are ignored, causing
systrace to deny system calls such as issetugid, which was permitted
below the line at fault.
--
I've found that people who are great at something are not so much
convinced of their own greatness as mystified at why everyone else
seems so incompetent.
Paul Graham
More information about the systrace
mailing list