|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Capsicum: Practical capabilities for UNIX
If you have a question about this talk, please contact Jonathan Anderson.
Capsicum is a lightweight operating system capability and sandbox framework planned for inclusion in FreeBSD 9.
Capsicum extends, rather than replaces, UNIX AP Is, providing new kernel primitives (sandboxed capability mode and capabilities) and a userspace sandbox API . These tools support the compartmentalization of monolithic UNIX applications into logical applications.
We demonstrate our approach by adapting core FreeBSD utilities and Google’s Chromium web browser to use Capsicum primitives, and compare the complexity and robustness of Capsicum with other sandboxing techniques.
This talk is part of the Computer Laboratory Security Group meeting presentations series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsFaculty of Education Research Students' Association (FERSA) Lunchtime Seminars / Guest Lectures 2013-2014 Statistical Laboratory International Year of Statistics Public Lectures Enterprise Tuesday 2012/2013
Other talksNational and Regional Institutional Dynamics in the Aftermath of Non-Traditional Security Crises in Southeast Asia. What role for the EU? Bedford & Milton Keynes Waterway THE DRILLERS DON’T LIKE GETTING WET or WHY THE LAUNDRY ROOM KEEPS GETTING FLOODED : Water up to surprisingly high levels around the legs of large floating oil rigs Under pressure: Environmental stressors alter relationships between physiology and behaviour in fishes Representing microbial communities in Earth system models Degrees of inclusion. Free movement of labour and the unionization of migrant workers in the European Union