From: Gabor Kovesdan
Date: Sat, 09 Jul 2011 15:54:01 +0100
To: freebsd-hackers@freebsd.org
Subject: Re: Capsicum project: Ideas needed

On 08-07-2011 13:23, Ivan Voras wrote:
> On 08/07/2011 05:42, Ilya Bakulin wrote:
>> Hi hackers,
>> As a part of the ongoing effort to enhance usage of Capsicum in the
>> FreeBSD base system, I want to ask you which applications in the base
>> system should receive sandboxing support.
>
> How about a small description of what sandboxing can bring to applications?
>
> I'm browsing the documents at
> http://www.cl.cam.ac.uk/research/security/capsicum/documentation.html
> but it looks like it still mostly describes the generic framework
> rather than what you can do with it. From it, it looks like you can
> set limits on file handle operations (e.g. lc_limitfd(STDOUT_FILENO,
> CAP_FSTAT | CAP_SEEK | CAP_WRITE)), but what else?

Yes, I've been reading the thread and I don't know either what the
deliverables of a Capsicum sandbox are.

Anyway, consider sendmail and BIND. I think these are important enough
to get some more protection.

Gabor