[Cryptography] Fwd: [capsicum] capsicum-linux codebase
Ben Laurie
ben at links.org
Tue Oct 22 05:11:38 EDT 2013
Not crypto, but very much security: Capsicum is a capability system layered
on top of POSIX. It is enabled by default in FreeBSD from 9.1.
We're working on a Linux port.
---------- Forwarded message ----------
From: David Drysdale <drysdale at google.com>
Date: 22 October 2013 10:07
Subject: [capsicum] capsicum-linux codebase
To: cl-capsicum-discuss at lists.cam.ac.uk
Cc: Ben Laurie <benl at google.com>
Hi,
As some of you know, I'm working on getting Capsicum working in the Linux
kernel, based on the FreeBSD implementation and on previous work done by
Meredydd Luff in his stint as a Google intern.
If anyone is interested in the details, the Git repo is now visible at:
https://github.com/google/capsicum-linux
This is still work in progress, but I've merged Meredydd's work up to a
more recent kernel (3.11.1), and I'm slowly converging on functional
equivalence to FreeBSD 9.x -- catching up with Pawel et al's more recent
work will come later.
Along the way, I've also separated out a bunch of user-space tests for the
Capsicum syscall functionality into a separate repo at:
https://github.com/google/capsicum-test
This combines both the FreeBSD test cases and Meredydd's test code with a
few extras, but I've pulled it into a separate repo to make it easy to run
on both Linux and FreeBSD, to allow cross-comparison. It may potentially
also be useful for other Capsicum port efforts (although as above, it's
targeted at the level of function in FreeBSD 9.x, not 10.x).
Let me know if you have any questions,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131022/cbff1c77/attachment.html>
More information about the cryptography
mailing list