Capsicum: Practical Capabilities for UNIX
Authors
Abstract
Capsicum is a lightweight operating system capability and sandbox framework planned for inclusion in FreeBSD 9. Capsicum extends, rather than replaces, UNIX APIs, providing new kernel primitives (sandboxed capability mode and capabilities) and a userspace sandbox API. These tools support the compartmentalization of monolithic UNIX applications into logical applications. We demonstrate our approach by adapting core FreeBSD utilities and Google’s Chromium web browser to use Capsicum primitives, and compare the complexity and robustness of Capsicum with other sandboxing techniques.
Related references
Analyzing Capsicum for Usability and Performance
In this paper I investigate Capsicum, an extension to UNIX that introduces a new security model on top of existing UNIX architecture. This model consists of several new security primitives and system calls that replace existing UNIX functionality. I focus on two aspects of Capsicum: performance and usability. For performance, I compare the performance of Capsicum system calls to corresponding U...
New approaches to operating system security extensibility
This dissertation proposes new approaches to commodity computer operating system (OS) access control extensibility that address historic problems with concurrency and technology transfer. Access control extensibility addresses a lack of consensus on operating system policy model at a time when security requirements are in flux: OS vendors, anti-virus companies, firewall manufacturers, smart pho...
Pepper (Capsicum annuum L.) anther culture: fundamental research and practical applications
Programming for a Capability System via Safety Games
New operating systems with security-specific system calls, such as the Capsicum capability system, allow programmers to write applications that satisfy strong security properties with significantly less effort than full verification. However, the amount of effort required is still high enough that even the Capsicum developers have reported difficulties in writing correct programs for their syst...
TRON: Process-Specific File Protection for the UNIX Operating System
The file protection mechanism provided in UNIX is insufficient for current computing environments. While the UNIX file protection system attempts to protect users from attacks by other users, it does not directly address the agents of destruction: executing processes. As computing environments become more interconnected and interdependent, there is increasing pressure and opportunity for users ...