An Odd User wrote:

>*** >I doubt that systrace is an appropriate tool to replace securelevels.
>For the purpose of replacing something like securelevel 2 with files
>protected with schg or sappnd , I simply no longer think that systrace
>is capable of this. Securelevels should be kernel-based and systrace
>seems to be flawed , and seems to require all controlled programs and calls
>to be listed verbosely. It seems to me that it would offer the same
>level of security that Default Allow policies and individual Block rules do
>for firewall rulesets. One can never list everything fully enough to be truly
>secure.





I think I was incorrect above , at least with regard to systrace requiring program calls
to be listed verbosely. From what I have read since , it appears that systrace safely
defaults to only allowing those program calls that have been specifically allowed for
those verbosely-listed programs that have been placed under systrace's control. I
continue to think that it would take great effort to bend systrace policies into the
shape of effective securelevels.


An Odd User.