From: Mike Coleman <mkc@mathdogs.com>
To: subterfugue-announce@lists.sourceforge.net
Cc: linux-kernel@vger.kernel.org
Subject: [ANNOUNCE] SUBTERFUGUE 0.2
Date: 21 Feb 2001 06:38:35 -0600 [thread overview]
Message-ID: <87lmr043ec.fsf@mathdogs.com> (raw)
In-Reply-To: mkc@users.sourceforge.net's message of "Mon, 30 Oct 2000 04:52:53 -0600 (CST)"
SUBTERFUGUE 0.2 is available. It's been updated to work with the new 2.4
kernel and also includes a few other bug fixes and improvements. It's
available in source or Debian package form.
As always, feedback is welcome.
--Mike
==============================================================================
README:
SUBTERFUGUE is a framework for observing and playing with the reality of
software; it's a foundation for building tools to do tracing, sandboxing, and
many other things. You could think of it as "strace meets expect."
Here's a short (real) "screenshot" which hints at one of its possible uses:
# sf --trick=SimplePathSandbox:"read=['/'];write=['/dev/tty']" bash
# id
uid=0(root) gid=0(root) groups=0(root)
# rm -f /etc/passwd
write deny (unlink): '/etc/passwd'
rm: cannot unlink `/etc/passwd': Permission denied
[Translation: Run 'bash' in a sandbox (restricted environment) so that it and
all of the processes it creates can read all files (everything under '/') but
can only write '/dev/tty'. All system calls that read or write to the
filesystem are checked, and the attempt to unlink '/etc/passwd' is
disallowed.]
Disclaimer: SUBTERFUGUE is still fairly alpha. If you run it on a system that
matters and something breaks, you get to keep both pieces. Especially avoid
programs where a loss of state might be disastrous (e.g., fetchmail).
See 'http://subterfugue.org' and the sf(1) man page for more info. See the
file 'NEWS' in the distribution for info on the latest release.
==============================================================================
NEWS:
Version 0.2 ("tiger")
* Fixes to make SUBTERFUGUE work again with the 2.4 kernel. (new system
calls, slightly different wait behaviors, etc)
* Added 'now' and 'delta' flags to TimeWarp trick. Experience the future and
the past!
* New 'herekitty' script to amuse your cat! (Dan Egnor's cool idea)
* FixFlash trick fixes a problem with the Macromedia Flash plugin that causes
Netscape to hang when Flash tries to use /dev/dsp and it's in use.
* The TRACESYSGOOD patch is included in the kernel as of 2.4.0-test10, so
revert to disabling the "wait channel hack" by default. (Only vanilla
2.3.99 through 2.4.0-test9 need it now.)
* Added '--nowall', which allows sf to run somewhat in a degenerate way under
linux 2.2.
* Disable python '-O' flag by default, as it turns off assertion checking,
which is still extremely useful at this point.
reply other threads:[~2001-02-21 12:39 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87lmr043ec.fsf@mathdogs.com \
--to=mkc@mathdogs.com \
--cc=linux-kernel@vger.kernel.org \
--cc=subterfugue-announce@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.