From owner-freebsd-hackers@FreeBSD.ORG Fri Jul 8 03:42:22 2011
Message-ID: <4E167C94.70300@kibab.com>
Date: Fri, 08 Jul 2011 07:42:12 +0400
From: Ilya Bakulin
To: freebsd-hackers@freebsd.org
Cc: "Robert N. M. Watson", Jonathan Anderson, Ben Laurie
Subject: Capsicum project: Ideas needed
List-Id: Technical Discussions relating to FreeBSD

Hi hackers,

As a part of the ongoing effort to enhance usage of Capsicum in the FreeBSD base system, I want to ask you which applications in the base system should receive sandboxing support.

So far, the following applications were sandboxed during the initial Capsicum research project:

sshd: critical system service run by root;
gzip: utility that operates with potentially buggy compression code;
tcpdump: contains complex packet-parsing code, run by root.

I have added sandboxing to syslogd, because this is also a critical system service run by root. I'm also going to add sandboxing to xz (compression algorithms) and ntpd (critical system service run by root).

The question is: which applications should also be processed? I think that the most wanted candidates are SUID programs and/or popular network daemons. But looking at the gzip example, I also think about text-processing tools in general.

At the moment I prefer not to focus on applications that are used only on desktop systems -- the primary usage of FreeBSD is as an ultra-reliable serving platform, although the iXsystems guys may correct me :-)

-- 
Regards,
Ilya Bakulin
http://kibab.com
xmpp://kibab612@jabber.ru
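Added example (not part of Ilya's message, and not code from the Capsicum project or any of the programs it names): the "open everything by path first, narrow the rights, then cap_enter(), and only then run the untrusted parser" structure that the gzip and tcpdump sandboxes above rely on, written as a minimal file filter in C. It uses the Capsicum calls that shipped in FreeBSD 10.0 (cap_rights_init, cap_rights_limit, cap_enter, errno ECAPMODE); the 2011-era API the message predates looked different (cap_new(2) with a rights bitmask). The function names, the byte-inverting stand-in for the compressor, the choice of /etc/passwd as the probe path, and the stub branch that lets the worker logic compile on non-FreeBSD systems are my own assumptions.

```c
/* Capsicum "acquire, confine, then parse" pattern. Added example, not code
 * from the mailing-list message or the Capsicum project. FreeBSD 10+ API;
 * on other systems the sandbox calls are stubbed so the rest still builds. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

#ifdef __FreeBSD__
#include <sys/capsicum.h>
#define HAVE_CAPSICUM 1
#else
#define HAVE_CAPSICUM 0
#endif

/* 1 when this build can actually enter capability mode, else 0. */
int capsicum_available(void) { return HAVE_CAPSICUM; }

/* Narrow an already-open descriptor to read-only or write-only use.
 * Returns 0 on success, -1 with errno set on failure; no-op without Capsicum. */
int limit_fd(int fd, int writable)
{
#if HAVE_CAPSICUM
    cap_rights_t rights;
    if (writable)
        cap_rights_init(&rights, CAP_WRITE);
    else
        cap_rights_init(&rights, CAP_READ);
    return cap_rights_limit(fd, &rights);
#else
    (void)fd; (void)writable;
    return 0;
#endif
}

/* Enter capability mode: afterwards open(2), socket(2), execve(2), etc.
 * fail with ECAPMODE and only descriptors already held keep working.
 * Irreversible for the process. Returns -1/ENOSYS where unsupported. */
int enter_sandbox(void)
{
#if HAVE_CAPSICUM
    return cap_enter();
#else
    errno = ENOSYS;
    return -1;
#endif
}

/* Stand-in for the "potentially buggy" compressor: copies in_fd to out_fd
 * inverting each byte (a toy transform, not real compression). It touches
 * only descriptors handed to it, never paths, so it can run confined.
 * Returns bytes processed, or -1 on error. */
ssize_t filter_stream(int in_fd, int out_fd)
{
    unsigned char buf[4096];
    ssize_t total = 0;
    for (;;) {
        ssize_t n = read(in_fd, buf, sizeof buf);
        if (n < 0) { if (errno == EINTR) continue; return -1; }
        if (n == 0) break;
        for (ssize_t i = 0; i < n; i++)
            buf[i] = (unsigned char)~buf[i];
        for (ssize_t off = 0; off < n; ) {
            ssize_t w = write(out_fd, buf + off, (size_t)(n - off));
            if (w < 0) { if (errno == EINTR) continue; return -1; }
            off += w;
        }
        total += n;
    }
    return total;
}

/* Verify the confinement: fork, enter capability mode in the child, and try
 * a path-based open. Returns 1 if open(2) failed with ECAPMODE, 0 when
 * Capsicum is unavailable, -1 if the child could not confine itself or the
 * open was not blocked. */
int sandbox_blocks_open(void)
{
#if HAVE_CAPSICUM
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (enter_sandbox() != 0) _exit(2);
        if (open("/etc/passwd", O_RDONLY) >= 0) _exit(3);  /* probe path: assumption */
        _exit(errno == ECAPMODE ? 0 : 4);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 1 : -1;
#else
    return 0;
#endif
}

/* usage: ./filter INPUT OUTPUT  (refuses to run the worker unconfined) */
int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s input output\n", argv[0]); return 2; }
    /* 1. Acquire everything that needs a path while paths are still allowed. */
    int in_fd = open(argv[1], O_RDONLY);
    int out_fd = open(argv[2], O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (in_fd < 0 || out_fd < 0) { perror("open"); return 1; }
    /* 2. Narrow the rights on what is held (stderr kept writable for perror). */
    if (limit_fd(in_fd, 0) || limit_fd(out_fd, 1) || limit_fd(STDERR_FILENO, 1)) {
        perror("cap_rights_limit"); return 1;
    }
    /* 3. Confine, and only then run the code that parses untrusted input. */
    if (enter_sandbox() != 0) { perror("cap_enter"); return 1; }
    if (filter_stream(in_fd, out_fd) < 0) { perror("filter"); return 1; }
    return 0;
}
```

The ordering is the whole point: every path-based resource (input, output, later on config files, sockets, the log) is opened before cap_enter(), each descriptor is cut down to the minimum rights, and the parser that might be buggy runs last. A memory-safety bug in filter_stream then lands in a process that cannot open new files or sockets, which is exactly why the root-run daemons and parser-heavy utilities listed in the message are the natural candidates. sandbox_blocks_open() is the check a practitioner wants before trusting such a build: it must return 1 on a FreeBSD kernel with Capsicum, and a 0 on another platform means the program ran with no confinement at all.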