Date: Tue, 16 Jul 2013 11:53:34 +0200 From: Mario Oshogbo <oshogbo@FreeBSD.org> To: soc-status@freebsd.org Cc: pjd@freebsd.org Subject: Weekly status report #3 Message-ID: <51E5181E.3060904@FreeBSD.org>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2SCUHPWXXTFEUXAELLNKC Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi, I almost finished implementing CAP_SEND_RIGHTS and CAP_RECV_RIGHTS. I implemented two different approach to the problem. First method was to give capability rights deeper to the functions that operate on sent/received package. This method you can see on http://p4web.freebsd.org/@md=3Dd&cd=3D//depot/user/oshogbo/&c=3Dc5V@//dep= ot/user/oshogbo/capsicum_rights/?ac=3D83 This method is very invasive and it force to change a lot of interface to do it. The scened method was to check rights in function sorecive/sosend, so on very higher level then in the first approach. This method is good for sending descriptors but its very unsecured for receiving descriptors. When we checking rights to recv the descriptors are already allocated in userland memory. Even if we decided to free descriptors after checking rights, we can image attack that will duplicate the descriptor using another thread before we check rights and free those descriptors. This approach you can see on this branch: http://p4web.freebsd.org/@md=3Dd&cd=3D//depot/user/oshogbo/&c=3Dc5V@//dep= ot/user/oshogbo/capsicum_rights2/?ac=3D83 There are still few things that my Mentor recommender my to discuss on freebsd-net mailing group list. You can fallow the first thread on http://lists.freebsd.org/pipermail/freebsd-net/2013-July/036050.html My mentor and I write few words for FreeBSD status reports: http://www.freebsd.org/news/status/report-2013-04-2013-06.html#New-Capsic= um-Features I also decided to write some blog post about configuring FreeBSD diskless on VirtualBox: http://oshogbo.vexillium.org/news/28/ Cheers, oshogbo ------enig2SCUHPWXXTFEUXAELLNKC Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJR5RghAAoJECRkYejLhN/jvCQP/3i3RYlU6/KAdjw5uLSZTKwK IMs1nRSS/zQOk7jfbTc00sfGqnQJ1eIPJI+6ghW/9+1Lcz1RmioHo/sYSNjK5qxk a4plTcetEU1dzqmR1tNCqINFYBMaKzdVfdCEi50LWM4ANRhUSRy2UT4XM28nF5a4 hgJgsyldGbQbQok5Kb15GtGXyqmTKxxDMtSmkata3BT74JOhNaMUh9srHyLIsOTm y7Qo/Chu8KAngVbW5f/q0VFczVAOTcp3An3H/vUd/u7wxWQ+edRBsb4OIerAMP6H VD+CKUd1mMuHtk/Q4ZfAu8TsdlfjsNAjJ0bfVrt/cdinV3Ab6qUaA8YsuU8XDlwP U/NjJcTVn+xwwY2+jBt69aME5CPqyQ3v9U+PDtNQYkZ0f0wrV/8Q+VbqG1nd+oqW KRQiRM3dUvIJKAi5+7abUHrSCd07LdapLtNSVWGPOnPpIAdnLoZC0OY6bTYSkBmA zWyjfu9tNp2hn8hNLoByFW1N6ugtfNywYQojNgzx6ByFw8fHM6YiCFjsqK9k1S9k 5nq4ngA8R3Swj2g6Kb0vkA99fDcVLwsJGgaUsF+bcfZilFzWtgLf7UC1Fgl4tzFU GTA/y5L/nw65oaR11NnBMWikHvalAu+v12ExN/qh9WuL0Is7go/9tHPzCuL9hAnA cMr7/bz5SMx58tOAlU57 =z2iw -----END PGP SIGNATURE----- ------enig2SCUHPWXXTFEUXAELLNKC--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51E5181E.3060904>