blob: ed5bd49364c696e3c4baed80d5bcbc168ec003b2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
|
systrace (interactive policy generation for system calls)
Systrace enforces system call policies for applications by constraining
the application's access to the system. The policy is generated
interactively. Operations not covered by the policy raise an alarm,
allowing an user to refine the currently configured policy.
By default, this build includes a GTK+ GUI frontend (gtk-systrace), which
will be started by systrace as needed. To build without the GUI (e.g. for
use on headless servers), set GUI=no in the script's environment. In
this case, you'll have to run systrace with the -t option to prevent it
trying to start the nonexistant GUI.
|
