From owner-svn-doc-head@FreeBSD.ORG Tue Jul 9 08:33:27 2013 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 97625A81; Tue, 9 Jul 2013 08:33:27 +0000 (UTC) (envelope-from pgj@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 7A4B61059; Tue, 9 Jul 2013 08:33:27 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r698XRfP015030; Tue, 9 Jul 2013 08:33:27 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r698XRnj015029; Tue, 9 Jul 2013 08:33:27 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201307090833.r698XRnj015029@svn.freebsd.org> From: Gabor Pali Date: Tue, 9 Jul 2013 08:33:27 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r42213 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Jul 2013 08:33:27 -0000 Author: pgj Date: Tue Jul 9 08:33:27 2013 New Revision: 42213 URL: http://svnweb.freebsd.org/changeset/doc/42213 Log: - Add Q2 report on the new Capsicum features SoC project Submitted by: Mario Oshogbo Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml Tue Jul 9 08:32:42 2013 (r42212) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml Tue Jul 9 08:33:27 2013 (r42213) @@ -18,7 +18,7 @@

Thanks to all the reporters for the excellent work! This report - contains 27 entries and we hope you enjoy reading it.

+ contains 28 entries and we hope you enjoy reading it.

The deadline for submissions covering between July and September 2013 @@ -1523,4 +1523,60 @@ functionality through pkg(8).Merge remaining changes into head. + + + New Capsicum Features + + + + + Mariusz + Zaborski + + oshogbo@FreeBSD.org + + + + + Pawel Jakub + Dawidek + + pjd@FreeBSD.org + + + + + + + + +

Capsicum is a lightweight OS capability and sandboxing + framework implemented in &os;. This is still a new technology, + so there is a lot of space for improvements. Thanks to the + Google Summer of Code program and Pawel Jakub Dawidek for + volunteering as mentor, Mariusz will have the chance to work on + this project in the summer.

+ +

The work on sandboxing the rwho(1) and + rwhod(8) utilities was completed recently. There is + also a plan to implement two new modules for Casper. Casper is + a daemon to provide services for applications using Capsicum's + capability mode. Some experimentation with implementing two new + capability rights is in progress, so as porting one more program + to use the existing features of the Capsicum framework.

+ + + + system.unix — a Casper module provides + connect and listen on Unix domain socket. + + system.udp — a Casper module enabling + connect, listen, sending and receive UDP packages. + + Implementing sandboxing for fetch(1). + + Introduce new capability rights: CAP_SEND_RIGHTS + and CAP_RECV_RIGHTS. + +