Date: Sat, 6 Jul 2013 21:29:50 +0000 (UTC)
From: Gabor Pali <pgj@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r42179 - head/en_US.ISO8859-1/htdocs/news/status
Message-ID: <201307062129.r66LTohJ015130@svn.freebsd.org>
Author: pgj Date: Sat Jul 6 21:29:50 2013 New Revision: 42179 URL: http://svnweb.freebsd.org/changeset/doc/42179 Log: - Add Q2 report on Capsicum-based sandboxing in base Submitted by: pjd Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml Sat Jul 6 19:41:49 2013 (r42178) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2013-04-2013-06.xml Sat Jul 6 21:29:50 2013 (r42179) @@ -18,7 +18,7 @@ <!-- XXX: keep updating the number of entries --> <p>Thanks to all the reporters for the excellent work! This report - contains 16 entries and we hope you enjoy reading it.</p> + contains 17 entries and we hope you enjoy reading it.</p> <!-- XXX: set date for the next set of submissions --> <p>The deadline for submissions covering between July and September 2013 
@@ -858,4 +858,102 @@ </ul> </body> </project> + + <project cat='bin'> + <title>Capsicum</title> + + <contact> + <person> + <name> + <given>Pawel Jakub</given> + <common>Dawidek</common> + </name> + <email>pjd@FreeBSD.org</email> + </person> + + <person> + <name> + <given>Capsicum</given> + <common>Mailing List</common> + </name> + <email>cl-capsicum-discuss@lists.cam.ac.uk</email> + </person> + </contact> + + <links> + <url href="http://www.cl.cam.ac.uk/research/security/capsicum/"/> + <url href="https://lists.cam.ac.uk/mailman/listinfo/cl-capsicum-discuss"/> + </links> + + <body> + <p>Capsicum (lightweight OS capability and sandbox framework) is + being actively worked on. In the last few months the following + tasks have been completed:</p> + + <ul> + <li>Committed Capsicum overhaul to &os; <tt>head</tt> (r247602). + This allows to use capability rights in more places, simplifies + kernel code and implements ability to limit <tt>ioctl(2)</tt> + and <tt>fcntl(2)</tt> system calls.</li> + + <li><tt>hastd(8)</tt> is now using Capsicum for sandboxing, as + whitelisting ioctls is possible (r248297).</li> + + <li><tt>auditdistd(8)</tt> is now using Capsicum for sandboxing, + as it is now possible to setup append-only restriction on file + descriptor (available in Perforce).</li> + + <li>Implemented <tt>connectat(2)</tt> and <tt>bindat(2)</tt> + system calls for UNIX domain sockets that are allowed in + capability mode (r247667).</li> + + <li>Implemented <tt>chflagsat(2)</tt> system call + (r248599).</li> + + <li>Revised the Casper daemon for application capabilities.</li> + + <li>Implemented <tt>libcapsicum</tt> for application + capabilities.</li> + + <li>Implemented various Casper services to be able to use more + functionality within a sandbox: <tt>system.dns</tt>, + <tt>system.pwd</tt>, <tt>system.grp</tt>, + <tt>system.random</tt>, <tt>system.filesystem</tt>, + <tt>system.socket</tt>, <tt>system.sysctl</tt>.</li> + + <li>Implemented Capsicum sandboxing for 
<tt>kdump(1)</tt> (from + r251073 to r251167). The version in Perforce also supports + sandboxing for the <tt>-r</tt> flag, using Casper + services.</li> + + <li>Implemented Capsicum sandboxing for <tt>dhclient(8)</tt> + (from r252612 to r252697).</li> + + <li>Implemented Capsicum sandboxing for <tt>tcpdump(8)</tt> + (available in Perforce).</li> + + <li>Implemented Capsicum sandboxing for <tt>libmagic(3)</tt> + (available in Perforce).</li> + + <li>Implemented the <tt>libnv</tt> library for name/value pairs + handling in the hope of wider adaptation across &os;.</li> + </ul> + + <p>For Capsicum-based sandboxing in the &os; base system, the + commits referenced above and the provided code aim to serve as + examples. We would like to see more &os; tools to be sandboxed + — every tool that can parse data from untrusted sources, + for example.</p> + + <p>This work is being sponsored by the &os; Foundation and + Google.</p> + </body> + + <help> + <task>Get involved, make the Internet finally(!) a secure place. + Contact us at the <tt>cl-capsicum-discuss</tt> mailing list, + where we can provide guidelines on how to do sandboxing + properly. The fame is there, waiting.</task> + </help> + </project> </report>
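Review bot: in the first hunk (@@ -18,7 +18,7 @@) the bump from "contains 16 entries" to "contains 17 entries" matches the single <project> element added below, so the count is right; the "XXX: keep updating the number of entries" comment right above it shows this is a hand-maintained number that silently drifts whenever an entry is added or dropped, so counting <project> elements before each commit (or generating the number from them at build time) would remove the need for the reminder.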
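Review bot: in the second hunk (@@ -858,4 +858,102 @@) the dash in "tools to be sandboxed — every tool that can parse data" appears as a literal em-dash character; this file lives under en_US.ISO8859-1, where that code point is not representable, so the &mdash; entity should be used instead. A few sentences in the same hunk also need grammar fixes before the report is published: "This allows to use capability rights in more places" reads better as "This allows capability rights to be used in more places"; "setup append-only restriction on file descriptor" should be "set up an append-only restriction on a file descriptor"; "in the hope of wider adaptation across &os;" presumably means "wider adoption"; and "We would like to see more &os; tools to be sandboxed" should drop "to be". Finally, four items are described only as "(available in Perforce)" with no pointer to the branch; since the paragraph after the list says the code is meant to serve as an example for other tools, adding a <url> for the Perforce branch to the <links> block would let readers actually find it.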