From: Gleb Kurtsou
To: Gabor Kovesdan
Cc: freebsd-hackers@freebsd.org
Date: Sun, 10 Jul 2011 01:22:20 +0300
Subject: Re: Capsicum project: Ideas needed

On (09/07/2011 15:54), Gabor Kovesdan wrote:
> On 08-07-2011 13:23, Ivan Voras wrote:
> > On 08/07/2011 05:42, Ilya Bakulin wrote:
> >> Hi hackers,
> >> As a part of ongoing effort to enhance usage of Capsicum in FreeBSD base
> >> system, I want to ask you, which applications in the base system should
> >> receive sandboxing support.
> >
> > How about a small description what sandboxing can bring to applications?
> >
> > I'm browsing the documents at
> > http://www.cl.cam.ac.uk/research/security/capsicum/documentation.html
> > but it looks like it still mostly describes the generic framework
> > rather than what you can do with it. From it, it looks like you can
> > set limits on file handle operations (e.g. (lc_limitfd(STDOUT_FILENO,
> > CAP_FSTAT | CAP_SEEK | CAP_WRITE)), but what else?
> Yes, I've been reading the thread and I don't know either what are the
> deliverables of a Capsicum sandbox.
>
> Anyway, consider sendmail and BIND. I think these are important enough
> to get some more protection.

Both sendmail and bind are very complicated pieces of software. I think
it would be necessary to split them up into several independent daemons
first and then place each into capsicum sandbox. Privilege separation
makes sshd a better candidate here (sshd is already sandboxed).

I'd really like to see lwresd sandboxed and enabled by default, ntpdate
may also be a good candidate but it's not that important.

>
> Gabor