From: Robert Watson <rwatson@FreeBSD.org>
Date: Wed, 2 Mar 2011 11:20:01 +0000 (GMT)
To: arch@FreeBSD.org
Cc: cl-capsicum-discuss@lists.cam.ac.uk, current@FreeBSD.org
Subject: Capsicum merge in progress (was: Re: Capsicum -- 9.x merge in sight)

On Sat, 22 Jan 2011, Robert Watson wrote:

> Jon's and my current plan is to merge, over the next few months, various
> kernel features required to support Capsicum sandboxing for FreeBSD 9.0:
> first capability mode support (this week), then capabilities themselves
> (which are a form of file descriptor in Capsicum), followed by process
> descriptors (a file descriptor alternative to process IDs that may be used
> by supporting applications). The current plan is *not* to merge
> libcapsicum, a userspace library used by certain applications to construct
> sandboxes, as we feel the API remains insufficiently mature at this point.
> However, the Capsicum system calls can still be used directly by
> applications, including Chromium. We would distribute libcapsicum as a
> package alongside 9.0, just not as a supported OS API for the time being.

FYI: Jon and I have now started the merge; I committed basic kernel
capability mode support yesterday (cap_enter(2), cap_getmode(2), new errno
values, capabilities.conf). Over the next few weeks we'll merge man pages,
additional kernel support for capability mode and capabilities, including
delegated file system subtrees in capability mode, cap_new(2) and friends,
process descriptors, and so on. Kernel support for these features will
remain conditional on compiling in options CAPABILITIES (and later options
PROCDESC) for the time being.

Robert