Systrace
   HOME

TheInfoList



Click Here for Items Related To - Systrace
OR:
Systrace on:   [Wikipedia]   [Google]   [Amazon]

Systrace is a
computer security Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and computer network, n ...
utility which limits an application's access to the system by enforcing access policies for
system call In computing, a system call (syscall) is the programmatic way in which a computer program requests a service from the operating system on which it is executed. This may include hardware-related services (for example, accessing a hard disk drive ...
s. This can mitigate the effects of buffer overflows and other security vulnerabilities. It was developed by
Niels Provos Niels Provos is a German-American researcher in security engineering, malware, and cryptography. He received a PhD in computer science from the University of Michigan. From 2003 to 2018, he worked at Google as a Distinguished Engineer on security ...
and runs on various
Unix-like A Unix-like (sometimes referred to as UN*X, *nix or *NIX) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Uni ...
operating system An operating system (OS) is system software that manages computer hardware and software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ...
s. Systrace is particularly useful when running untrusted or binary-only applications and provides facilities for privilege elevation on a system call basis, helping to eliminate the need for potentially dangerous
setuid The Unix and Linux access rights flags setuid and setgid (short for ''set user identity'' and ''set group identity'') allow users to run an executable with the file system permissions of the executable's owner or group respectively and to chang ...
programs. It also includes interactive and automatic policy generation features, to assist in the creation of a base policy for an application. Systrace used to be integrated into
OpenBSD OpenBSD is a security-focused operating system, security-focused, free software, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by fork (software development), forking NetBSD ...
, but was removed in April 2016 (in favour of ''pledge'' post OpenBSD 5.9). It is available for
Linux Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...
and
Mac OS X macOS, previously OS X and originally Mac OS X, is a Unix, Unix-based operating system developed and marketed by Apple Inc., Apple since 2001. It is the current operating system for Apple's Mac (computer), Mac computers. With ...
, although the OS X port is currently unmaintained. It was removed from
NetBSD NetBSD is a free and open-source Unix-like operating system based on the Berkeley Software Distribution (BSD). It was the first open-source BSD descendant officially released after 386BSD was fork (software development), forked. It continues to ...
at the end of 2007 due to several unfixed implementation issues. As of version 1.6f Systrace supports 64-bit Linux 2.6.1 via kernel patch.


Features

Systrace supports the following features: * Confines untrusted binary applications: An application is allowed to make only those system calls specified as permitted in the policy. If the application attempts to execute a system call that is not explicitly permitted, an alarm gets raised. * Interactive policy generation with graphical user interface: Policies can be generated interactively via a graphical frontend to Systrace. The frontend shows system calls and their parameters not currently covered by policy and allows the user to refine the policy until it works as expected. * Supports different emulations: Linux, BSDI, etc.. * Non-interactive policy enforcement: Once a policy has been trained, automatic policy enforcement can be used to deny all system calls not covered by the current policy. All violations are logged to Syslog. This mode is useful when protecting system services like a web server. * Remote monitoring and intrusion detection: Systrace supports multiple frontends by using a frontend that makes use of the network, very advanced features are possible. * Privilege elevation: Using Systrace's privilege elevation mode, it's possible to get rid of
setuid The Unix and Linux access rights flags setuid and setgid (short for ''set user identity'' and ''set group identity'') allow users to run an executable with the file system permissions of the executable's owner or group respectively and to chang ...
binaries. A special policy statement allows selected system calls to run with higher privileges, for example, creating a raw socket.


Vulnerability history

Systrace has had some vulnerabilities in the past, including:
Exploiting Concurrency Vulnerabilities in System Call Wrappers
Paper by Robert Watson from the First USENIX Workshop On Offensive Technologies (WOOT07) analyzing system call wrapper traces across several wrapper platforms including systrace
Google Security discovers local privilege escalation in Systrace



Vulnerabilities in systrace


See also

* Seccomp * AppArmor * SELinux *
Mandatory access control In computer security, mandatory access control (MAC) refers to a type of access control by which a secured environment (e.g., an operating system or a database) constrains the ability of a ''subject'' or ''initiator'' to access or modify on an ' ...


References


External links

* {{official website BSD software OpenBSD Unix security-related software