[GSOC] capsicum week9 report

Joris Giovannangeli joris at giovannangeli.fr
Mon Aug 19 05:54:20 PDT 2013


this week I've been mostly fixing (tons of) bugs. I've ported the tests
from freeBSD and ran them on a vkernel, and I spent the first part of
the week fixing the panics and assertions failure.

* The panic in ioctls_limit is fixed.

* The code to pass filedescriptor through AF_UNIX sockets pass
capability rights in addition to file pointers.

* I've fixed some bugs in the nlookup code, and I ran a custom test
programm to check that there is no race in nlookup which could permit a
programm to escape its sandbox. I'm not totally convinced yet, more
tests are needed in this area.

* I've done a port of dntpd to capsicum (code not pushed yet), but I'm
still fixing bugs because it only segfaults for now.

More testing is planned for next week,

best regards,

