Re: Mult and process isolation (kauth perhaps?)

To: netbsd-users%netbsd.org@localhost
Subject: Re: Mult and process isolation (kauth perhaps?)
From: David Young <dyoung%pobox.com@localhost>
Date: Sat, 23 Oct 2010 21:46:17 -0500

On Thu, Oct 21, 2010 at 09:22:52PM +0100, Thomas Adam wrote:
> Hi all,
> 
> So I've been curious for a while now about whether it's feasible or even
> desirable to have some form of native jail implementation in NetBSD.  Then I
> realised that I'd seen a video a few years ago about process isolation and
> something called Mult [1] -- but unfortunately that seems more or less
> shelved (and given that it's been two years since anyway, that code, even if
> it were available might be subject to huge bit-rot anyway.)

It is just my personal opinion that it's most desirable to
have in NetBSD a capabilities framework such as Capsicum
<http://www.cl.cam.ac.uk/research/security/capsicum/>, which need not be
and should not be implemented in terms of kauth.

See the discussion at
<http://mail-index.netbsd.org/tech-kern/2010/09/24/msg008874.html>.

Dave

-- 
David Young             OJC Technologies
dyoung%ojctech.com@localhost      Urbana, IL * (217) 278-3933

References:
- Mult and process isolation (kauth perhaps?)
  - From: Thomas Adam

Prev by Date: Re: wiki.netbsd.se
Next by Date: 5.1_RC4 - gdb can't attach to processes
Previous by Thread: Re: Mult and process isolation (kauth perhaps?)
Next by Thread: Problems with Netra X1 and 5.0.2?
Indexes:

Home | Main Index | Thread Index | Old Index