Wrapper for deceptions

• Based on UID, PID, what run, state, etc.

  • Alter capabilities of processes
  • Run altered programs (e.g., non-setUID)
  • Set UID for exec'ed process
  • chroot to altered environment
  • Refuse access (phony error return)

• Rule-based interface version

• General purpose (lisp) version

• Drop-in user-defined version

Notes: