A taste of Capsicum: practical capabilities for UNIX
Abstract
Capsicum is a lightweight operating system (OS) capability and sandbox framework planned for inclusion in
FreeBSD 9. Capsicum extends, rather than replaces, UNIX
APIs, providing new kernel primitives (sandboxed capability mode and capabilities) and a userspace sandbox API.
These tools support decomposition of monolithic UNIX
applications into compartmentalized logical applications,
an increasingly common goal that is supported poorly by
existing OS access control primitives. We demonstrate our
approach by adapting core FreeBSD utilities and Google
FreeBSD 9. Capsicum extends, rather than replaces, UNIX
APIs, providing new kernel primitives (sandboxed capability mode and capabilities) and a userspace sandbox API.
These tools support decomposition of monolithic UNIX
applications into compartmentalized logical applications,
an increasingly common goal that is supported poorly by
existing OS access control primitives. We demonstrate our
approach by adapting core FreeBSD utilities and Google
Research Areas
