|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Capsicum: Practical capabilities for UNIX
If you have a question about this talk, please contact Jonathan Anderson.
Capsicum is a lightweight operating system capability and sandbox framework planned for inclusion in FreeBSD 9.
Capsicum extends, rather than replaces, UNIX AP Is, providing new kernel primitives (sandboxed capability mode and capabilities) and a userspace sandbox API . These tools support the compartmentalization of monolithic UNIX applications into logical applications.
We demonstrate our approach by adapting core FreeBSD utilities and Google’s Chromium web browser to use Capsicum primitives, and compare the complexity and robustness of Capsicum with other sandboxing techniques.
This talk is part of the Computer Laboratory Security Group meeting presentations series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsTechnology Enterprise Group Seminar Series Cambridge Epigenetics Club Cambridge Language Sciences Early-Career Researchers Events
Other talksACAT1/SOAT1 as a therapeutic target for Alzheimer's disease New York City's affordable housing plan under Mayor De Blasio and the limits of local initiative in making housing affordable Pin(2)-equivariant Floer homology and homology cobordism Marriage, mourning and martyrdom: the history of an 18th-century English bed-sheet Fishermen, fossils and flints: varied approaches to targeting and investigating submerged Palaeolithic archaeology in the North Sea Chronic respiratory diseases and healthy aging: an epidemiological point of view