From owner-freebsd-questions@FreeBSD.ORG Sun Apr 1 09:15:17 2012 Return-Path: Delivered-To: freebsd-questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7BCBC1065746 for ; Sun, 1 Apr 2012 09:15:17 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id DAD558FC08 for ; Sun, 1 Apr 2012 09:15:16 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [IPv6:2001:8b0:151:1:fa1e:dfff:feda:c0bb]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id q319FBxP031079 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Sun, 1 Apr 2012 10:15:12 +0100 (BST) (envelope-from matthew@FreeBSD.org) X-DKIM: OpenDKIM Filter v2.5.1 smtp.infracaninophile.co.uk q319FBxP031079 Authentication-Results: smtp.infracaninophile.co.uk/q319FBxP031079; dkim=none (no signature); dkim-adsp=none Message-ID: <4F781C97.9020205@FreeBSD.org> Date: Sun, 01 Apr 2012 10:15:03 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:11.0) Gecko/20120327 Thunderbird/11.0.1 MIME-Version: 1.0 To: Peter Vereshagin References: <20120330224416.13643xk4rsfd2i5s@webmail.ime.usp.br> <20120401084719.GA12293@external.screwed.box> In-Reply-To: <20120401084719.GA12293@external.screwed.box> X-Enigmail-Version: 1.4 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig510DC7E3BA031B00E7F73D0D" X-Virus-Scanned: clamav-milter 0.97.4 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00 autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk Cc: freebsd-questions@FreeBSD.org, schultz@ime.usp.br Subject: Re: FreeBSD Security in Multiuser Environments X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2012 09:15:17 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig510DC7E3BA031B00E7F73D0D Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable On 01/04/2012 09:47, Peter Vereshagin wrote: >> Also, thanks for Capsicum, it sure is useful. > Who is that? Robert Watson, Jonathan Anderson and Ben Laurie are the principle 'who' behind Capsicum. Now, if you'ld asked 'What is that?' I'd've pointed you towards https://www.cl.cam.ac.uk/research/security/capsicum/ It's a "lightweight OS capability and sandbox framework," or in other words a way of enforcing restrictions on what objects -- particularly those built from foreign data eg. javascript in web pages -- can modify or access on your local system. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey --------------enig510DC7E3BA031B00E7F73D0D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk94HJ4ACgkQ8Mjk52CukIwCaACeNts2PXpbxb9cBQ4DH6i8/Hra KEEAoJDtHYMka8ajwZaoPGmq9/G69zbi =lsXH -----END PGP SIGNATURE----- --------------enig510DC7E3BA031B00E7F73D0D--