Date: Sun, 10 Jul 2011 01:22:20 +0300
From: Gleb Kurtsou <gleb.kurtsou@gmail.com>
To: Gabor Kovesdan <gabor@FreeBSD.org>
Cc: freebsd-hackers@freebsd.org
Subject: Re: Capsicum project: Ideas needed
Message-ID: <20110709222220.GA82930@tops>
In-Reply-To: <4E186B89.8080003@FreeBSD.org>
References: <4E167C94.70300@kibab.com> <iv6ss5$1h5$1@dough.gmane.org> <4E186B89.8080003@FreeBSD.org>

On (09/07/2011 15:54), Gabor Kovesdan wrote:
> On 08-07-2011 13:23, Ivan Voras wrote:
> > On 08/07/2011 05:42, Ilya Bakulin wrote:
> >> Hi hackers,
> >> As a part of ongoing effort to enhance usage of Capsicum in FreeBSD base
> >> system, I want to ask you, which applications in the base system should
> >> receive sandboxing support.
> >
> > How about a small description what sandboxing can bring to applications?
> >
> > I'm browsing the documents at
> > http://www.cl.cam.ac.uk/research/security/capsicum/documentation.html
> > but it looks like it still mostly describes the generic framework
> > rather than what you can do with it. From it, it looks like you can
> > set limits on file handle operations (e.g. (lc_limitfd(STDOUT_FILENO,
> > CAP_FSTAT | CAP_SEEK | CAP_WRITE)), but what else?
> Yes, I've been reading the thread and I don't know either what are the
> deliverables of a Capsicum sandbox.
>
> Anyway, consider sendmail and BIND. I think these are important enough
> to get some more protection.

Both sendmail and bind are very complicated pieces of software. I think it
would be necessary to split them up into several independent daemons
first and then place each into capsicum sandbox. Privilege separation
makes sshd a better candidate here (sshd is already sandboxed).

I'd really like to see lwresd sandboxed and enabled by default, ntpdate
may also be a good candidate but it's not that important.

>
> Gabor