[GSOC] capsicum week9 report
joris at giovannangeli.fr
Mon Aug 19 05:54:20 PDT 2013
this week I've been mostly fixing (tons of) bugs. I've ported the tests
from freeBSD and ran them on a vkernel, and I spent the first part of
the week fixing the panics and assertions failure.
* The panic in ioctls_limit is fixed.
* The code to pass filedescriptor through AF_UNIX sockets pass
capability rights in addition to file pointers.
* I've fixed some bugs in the nlookup code, and I ran a custom test
programm to check that there is no race in nlookup which could permit a
programm to escape its sandbox. I'm not totally convinced yet, more
tests are needed in this area.
* I've done a port of dntpd to capsicum (code not pushed yet), but I'm
still fixing bugs because it only segfaults for now.
More testing is planned for next week,
More information about the Kernel