On Sat, 22 Jan 2011, Robert Watson wrote:

> Jon and my current plan is to merge, over the next few months, various
> kernel features required to support Capsicum sandboxing for FreeBSD 9.0:
> first capability mode support (this week), then capabilities themselves
> (which are a form of file descriptor in Capsicum), followed by process
> descriptors (a file descriptor alternative to process IDs that may be used
> by supporting applications). The current plan is *not* to merge
> libcapsicum, a userspace library used by certain applications to construct
> sandboxes, as we feel the API remains insufficiently mature at this point.
> However, the Capsicum system calls can still be used directly by
> applications, including Chromium. We would distribute libcapsicum as a
> package alongside 9.0, just not as a supported OS API for the time being.

FYI: Jon and I have now started the merge; I committed basic kernel capability mode support yesterday (cap_enter(2), cap_getmode(2), new errno values, capabilities.conf). Over the next few weeks we'll merge man pages, additional kernel support for capability mode and capabilities, including delegated file system subtrees in capability mode, cap_new(2) and friends, process descriptors, and so on. Kernel support for these features will remain conditional on compiling in options CAPABILITIES (and later options PROCDESC) for the time being.

Robert

Received on Wed Mar 02 2011 - 10:20:02 UTC