On Sat, 22 Jan 2011, Robert Watson wrote:

> Jon's and my current plan is to merge, over the next few months, various kernel features required to support Capsicum sandboxing for FreeBSD 9.0: first capability mode support (this week), then capabilities themselves (which are a form of file descriptor in Capsicum), followed by process descriptors (a file descriptor alternative to process IDs that may be used by supporting applications). The current plan is *not* to merge libcapsicum, a userspace library used by certain applications to construct sandboxes, as we feel the API remains insufficiently mature at this point. However, the Capsicum system calls can still be used directly by applications, including Chromium. We would distribute libcapsicum as a package alongside 9.0, just not as a supported OS API for the time being.

FYI:

Jon and I have now started the merge; I committed basic kernel capability mode support yesterday (cap_enter(2), cap_getmode(2), new errno values, capabilities.conf). Over the next few weeks we'll merge man pages, additional kernel support for capability mode and capabilities, including delegated file system subtrees in capability mode, cap_new(2) and friends, process descriptors, and so on. Kernel support for these features will remain conditional on compiling in options CAPABILITIES (and later options PROCDESC) for the time being.

Robert
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"