From owner-svn-doc-head@FreeBSD.ORG Tue Jan 14 17:04:55 2014 Return-Path: Delivered-To: svn-doc-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 90278132; Tue, 14 Jan 2014 17:04:55 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 618961A26; Tue, 14 Jan 2014 17:04:55 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id s0EH4t2V057509; Tue, 14 Jan 2014 17:04:55 GMT (envelope-from pgj@svn.freebsd.org) Received: (from pgj@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id s0EH4tKl057508; Tue, 14 Jan 2014 17:04:55 GMT (envelope-from pgj@svn.freebsd.org) Message-Id: <201401141704.s0EH4tKl057508@svn.freebsd.org> From: Gabor Pali Date: Tue, 14 Jan 2014 17:04:55 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r43511 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-head@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for the doc tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jan 2014 17:04:55 -0000 Author: pgj Date: Tue Jan 14 17:04:54 2014 New Revision: 43511 URL: http://svnweb.freebsd.org/changeset/doc/43511 Log: - Add 2013Q4 report on Capsicum and Casper Submitted by: pjd Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-10-2013-12.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-10-2013-12.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2013-10-2013-12.xml Tue Jan 14 16:54:02 2014 (r43510) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2013-10-2013-12.xml Tue Jan 14 17:04:54 2014 (r43511) @@ -19,7 +19,7 @@

Thanks to all the reporters for the excellent work! This report - contains 24 entries and we hope you enjoy reading it.

+ contains 25 entries and we hope you enjoy reading it.

The deadline for submissions covering between January and March 2014 is April 7th, 2014.

@@ -1372,4 +1372,47 @@ device vt_vga CJK fonts (in progress). + + + Capsicum and Casper + + + + + Pawel Jakub + Dawidek + + pjd@FreeBSD.org + + + + + + + + +

Capsicum is a lightweight OS capability and sandbox framework + implementing a hybrid capability system model. The Casper + daemon enables sandboxed application to use functionality + normally unavailable in capability-mode sandboxes.

+ +

The Casper daemon, libcasper, libcapsicum(3), + libnv(3) and Casper services (system.dns, + system.grp, system.pwd, system.random + and system.sysctl) have been committed to &os; + head. The tcpdump(8) utility in head + now uses the system.dns service to do DNS lookups. The + kdump(1) utility in head now uses the + system.pwd and system.grp services to convert + user and group identifiers to user and group names.

+ +

There is ongoing work to sandbox more applications. If you are + interested in helping to make &os; more secure and would like to + learn about Capsicum and Casper, do not hesitate to contact + Pawel — he can provide candidate programs that could use + sandboxing.

+ +

The work was sponsored by The &os; Foundation.

+ +