tech-kern archive


Re: Capsicum: practical capabilities for UNIX



On Tue, Oct 26, 2010 at 06:44:48AM +0300, Jukka Ruohonen wrote:
> On Mon, Oct 25, 2010 at 07:28:56PM -0500, David Young wrote:
> > The chief difference I see between a process limited by Capsicum and
> > a process limited by Systrace is that the Capsicum-limited process
> > has only the privileges that the parent process grants it, while the
> > Systrace-limited process has a system-call firewall applied.  It's
> > easier with the Capsicum-limited process than with the Systrace-limited
> > process to reason about what the process can do, and to adjust the
> > process privileges, because it's easier to name and count capabilities
> > than to read, interpret, and re-write systrace rules.
> 
> Does this mean that every program that wants to use Capsicum needs to be
> patched to use Capsicum?

No.

Dave

-- 
David Young             OJC Technologies
dyoung%ojctech.com@localhost      Urbana, IL * (217) 278-3933

