sysjail is a defunct user-land virtualiser for systems supporting the systrace library - as of version 1.0 limited to OpenBSD, NetBSD and MirOS. Its original design was inspired by FreeBSD jail, a similar utility (although part of the kernel) for FreeBSD. sysjail was developed and released in 2006 by Kristaps Dzonsons (aka Johnson), a research assistant in Game theory at the Stockholm School of Economics, and Maikls Deksters.[1]
sysjail was re-written from scratch in 2007 to support emulated processes in jails, limited (initially) to Linux emulation.
The project was officially discontinued on 3 March 2009 due to flaws inherent to syscall wrapper-based security architectures. The restrictions of sysjail could be evaded by exploiting race conditions between the wrapper's security checks and kernel's execution of the syscalls. [2]
sysjail, defunct, user, land, virtualiser, systems, supporting, systrace, library, version, limited, openbsd, netbsd, miros, original, design, inspired, freebsd, jail, similar, utility, although, part, kernel, freebsd, developed, released, 2006, kristaps, dzon. sysjail is a defunct user land virtualiser for systems supporting the systrace library as of version 1 0 limited to OpenBSD NetBSD and MirOS Its original design was inspired by FreeBSD jail a similar utility although part of the kernel for FreeBSD sysjail was developed and released in 2006 by Kristaps Dzonsons aka Johnson a research assistant in Game theory at the Stockholm School of Economics and Maikls Deksters 1 sysjail was re written from scratch in 2007 to support emulated processes in jails limited initially to Linux emulation The project was officially discontinued on 3 March 2009 due to flaws inherent to syscall wrapper based security architectures The restrictions of sysjail could be evaded by exploiting race conditions between the wrapper s security checks and kernel s execution of the syscalls 2 References edit sysjail OpenBSD jail implementation Kristaps Dzonsons 2006 05 22 OpenBSD misc mailing list Watson Robert N M Exploiting Concurrency Vulnerabilities in System Call WrappersExternal links editsysjail systrace user land virtualisation sysjail NYCBSDCON2006 presentation nbsp This Unix related article is a stub You can help Wikipedia by expanding it vte Retrieved from https en wikipedia org w index php title Sysjail amp oldid 1185965608, wikipedia, wiki, book, books, library,