tech-kern archive


Re: Capsicum: practical capabilities for UNIX



On Sun, Sep 26, 2010 at 08:48:45PM -0400, Perry E. Metzger wrote:
> They did Chrome in the paper, and it required very few lines of code
> (under 100). They did other tests too. It appears that they've had
> quite a bit of success in creating a very usable API here. I'm not
> entirely surprised, given the nature of what they're doing.

Just a little historical remark.

I am a little puzzled why Watson et al. did not bother to mention Linux
capabilities that have existed for a long time. The Linux API is almost
identical to the one proposed in the "capsicum" paper. And yet, Linux
capabilities are seldom used.

Perhaps a general perception would be that somehow these capabilities slid
to sidetracks from the very beginning. One probable cause for this was that
the vendor-independent committee that started the whole thing was unable to
provide something that could have become an actual standard across UNIX
platforms and their derivatives.  The result was only a draft POSIX
document, IEEE 1003.1e, released in 1997, which is considered a failure by
many.

Maybe there is something to learn from here.

- Jukka.

