[LWN Logo]

To:	subterfugue-announce@lists.sourceforge.net
From:	Mike Coleman <mkc@kc.net>
Date:	17 Mar 2000 05:13:16 -0600

SUBTERFUGUE 0.1.9 is available.  This release contains two substantial

First is a fast ignored-call loop, in C, written by Pavel Machek.  The actual
speedup will vary depending on what fraction of system calls each trick needs
to follow, but for tricks that only follow a few calls (e.g., sandboxes), the
speedup is quite noticeable, particularly after initial application startup.

Second is a feature (a hack) that will enable you to run SUBTERFUGUE on a
vanilla kernel, 2.3.99-pre1 or later.  Running without the patch is perhaps
only half as fast as with, but now you can try SUBTERFUGUE without having to
make a special kernel.  (The next-to-last SUBTERFUGUE patchlet was included in
2.3.99-pre1.  [Hooray!!]  If the last patchlet makes it in by 2.4, this hack
will go away.)

As always, feedback is welcome.

Have fun!


From NEWS:

Version 0.1.9 ("pagliacci")

* Added fast (in C) ignored-call loop from Pavel Machek.

* Added '--waitchannelhack', which will allow SUBTERFUGUE to run (albeit
  slowly) without no kernel patch on linux 2.3.99 or later.

* The '--output' flag now accepts a file descriptor number as an argument,
  making it easier to separate SUBTERFUGUE output from that of the traced

* More bug fixes.


This is SUBTERFUGUE.  See 'NEWS' for info on the latest release.

SUBTERFUGUE is a framework for observing and playing with the reality of
software; it's a foundation for building tools to do tracing, sandboxing, and
many other things. You could think of it as "strace meets expect."

Here's a short (real) "screenshot" which hints at one of its possible uses:

    # sf --trick=SimplePathSandbox:"read=['/'];write=['/dev/tty'];net=1" bash
    # id
    uid=0(root) gid=0(root) groups=0(root)
    # rm -f /etc/passwd
    write deny (unlink): '/etc/passwd'
    rm: cannot unlink `/etc/passwd': Permission denied

BEWARE: This is an alpha release.  It might not hose your system, but who can
say?  You probably shouldn't even be reading this.  Don't run this as root,
except on a scratch system.  Don't use it to run programs where a loss of
state might be disastrous (e.g., fetchmail).  Consider yourself warned.

See 'http://subterfugue.org' for more info.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/