URL:
<http://gna.org/task/?func=detailitem&item_id=2893>
Summary: Submission of Plash
Project: Gna! Administration
Submitted by: markseaborn
Submitted on: Monday 02/06/2006 at 20:55
Status: None
Approval Status: None
Should Start On: Monday 02/06/2006 at 00:00
Should be Finished on: Thursday 02/16/2006 at 00:00
Category: Project Approval
Priority: 5 - Normal
Privacy: Public
Assigned to: None
Open/Closed: Open
_______________________________________________________
Details:
A new project has been registered at Gna!
The project account will remain inactive until a site admin approve or
discard the registration.
######### REGISTRATION ADMINISTRATION #########
While this item will be useful to track the registration process, approving
or discarding the registration must be done using the specific "Group
Administration" page, accessible only to site administrators, effectively
logged as site administrators (superuser):
<https://gna.org/siteadmin/groupedit.php?group_id=1501>
######### REGISTRATION DETAILS #########
Full Name:
----------
Plash
System Group Name:
-----------------
plash
Type:
-----
Programs
License:
--------
GNU Lesser General Public License
Description:
------------
Plash is a sandbox for running Linux programs with the minimum necessary
privileges. It is similar to chroot jails, but is more lightweight and
flexible. You can use Plash to grant a process read-only or read-write access
to specific files and directories, which can be mapped at any point in its
private filesystem namespace.
Plash provides a command line tool (pola-run) for running programs in a
sandbox, granting access to specific files and directories.
Plash also provides a "powerbox" user interface by which the user can grant
an application the right to access files. A powerbox is just like a normal
file chooser dialog box, except that it also grants access rights. The
powerbox is implemented as a trusted component -- applications must ask the
system to open a file chooser, rather than implementing it themselves. Plash
comes with a patch to Gtk to implement GtkFileChooserDialog in terms of the
powerbox API.
The Plash execution environment doesn't require a modified Linux kernel -- it
uses chroot() and UIDs. It works with existing Linux executables, provided
they are dynamically linked, because Plash uses a modified version of GNU
libc.
Plash virtualizes the filesystem. With the modified libc, open() works by
sending a request across a socket. The server process can send a file
descriptor back across the socket in response. Usually, Plash does not slow
programs down because the most frequently used system calls (such as read()
and write()) work on kernel-level file descriptors as before.
http://plash.beasts.org
Other Software Required:
------------------------
Gtk
OCaml (for compiling a parser only)
Other Comments:
---------------
Plash is on savannah.gnu.org, but I'm looking to have a Subversion
repository.
_______________________________________________________
Reply to this item at:
<http://gna.org/task/?func=detailitem&item_id=2893>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
