Capsicum GSOC project

Loganaden Velvindron loganaden at
Thu Jun 6 23:02:17 PDT 2013

On Fri, Jun 7, 2013 at 12:08 AM, Joris GIOVANNANGELI <joris at> wrote:

> Hi,
> I'm part of GSoC this year, and I will work on an implementation of
> Capsicum kernel APIs for DragonFly.
>
> CAPSICUM
>
> Capsicum is a fine-grained capability framework for Unix systems. It can
> be used to sandbox applications by restricting their access to various
> global namespaces. While DAC and Unix rights grant access at the user
> level, Capsicum is designed to implement security policies at the
> application or library level. Unlike MAC frameworks (SELinux, AppArmor,
> ...) where the access profile is configured outside of the code, Capsicum
> sandboxing policy might directly be built into the application itself.
> Capsicum is currently implemented in the FreeBSD kernel, and some work is
> ongoing on the Linux side.
>
> PROJECT
>
> I plan to work on 3 main subprojects:
>     - capabilities: rights attached to file descriptors. Each operation
> on a file descriptor is checked against the set of rights the file descriptor
> carries. If the file descriptor does not have enough rights, the operation fails.
> Typical capabilities are CAP_READ, CAP_WRITE, CAP_FCNTL, etc.
>     - capability mode: a credential flag is added to each process to
> determine whether the capabilities are taken into consideration or not.
> When a process has been put in capability mode, it cannot exit the sandbox
> by itself, and it cannot gain new capabilities by itself, except by the use
> of *at syscalls (e.g. openat). New capabilities can be granted to a process.
>     - process descriptors: add support for a new type of file descriptor,
> pointing to processes. This will permit local naming of processes, for
> sandboxing purposes, and the fork/kill operations will be implemented.
>
> WORK
>
> My work will be available on github [1], in the capsicum branch. You can also
> read my draft proposal [2] on this list, or the last version on the github
> wiki [3]. My nick is joris on #dragonflybsd at efnet.
> I'm happy to work on DragonFly this summer!
>
> [1] DragonFlyBSD (github repository)
> [2] pipermail/kernel/2013-April/031197.html
> [3] DragonFlyBSD/wiki/proposal

Awesome :-)

I read the timeline. I'd be happy to see the end result merged into the
release. Do you think you'll have time to integrate the work upstream even
after GSoC?

This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
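To make the three rules in the quoted description concrete (rights checked per operation on a descriptor, one-way capability mode that closes off global namespaces, and openat as the only way to get new descriptors without gaining rights), here is a small user-space model added to this archived message. It is neither DragonFly nor FreeBSD code: the model_* functions, the fdt table and the M_* error codes are invented for the illustration, and only the CAP_* right names mirror Capsicum.

```c
/* Added example (not DragonFly/FreeBSD code): a user-space model of the rules
 * quoted above; model_* names and M_* codes are invented, CAP_* mirror Capsicum. */
#include <string.h>
#define CAP_READ   (1u << 0)
#define CAP_WRITE  (1u << 1)
#define CAP_LOOKUP (1u << 2)
#define NFDS       8
enum { M_EBADF = 1, M_ENOTCAPABLE, M_ECAPMODE };   /* returned negated */

static struct { unsigned char open; unsigned rights; } fdt[NFDS];
static int in_capmode;   /* the per-process credential flag */
static void model_reset(void) { memset(fdt, 0, sizeof fdt); in_capmode = 0; }

static int alloc_fd(unsigned rights) {
    for (int fd = 0; fd < NFDS; fd++)
        if (!fdt[fd].open) { fdt[fd].open = 1; fdt[fd].rights = rights; return fd; }
    return -M_EBADF;
}

/* Every operation names the rights it needs; the descriptor must carry them all. */
static int model_check(int fd, unsigned needed) {
    if (fd < 0 || fd >= NFDS || !fdt[fd].open) return -M_EBADF;
    return (fdt[fd].rights & needed) == needed ? 0 : -M_ENOTCAPABLE;
}

/* Rights on an existing descriptor can only be narrowed, never widened. */
static int model_cap_rights_limit(int fd, unsigned rights) {
    int rc = model_check(fd, rights);
    if (rc == 0) fdt[fd].rights = rights;
    return rc;
}

/* Capability mode is one-way: there is deliberately no model_cap_exit(). */
static int model_cap_enter(void) { in_capmode = 1; return 0; }

/* open(2) by path reaches the global filesystem namespace: refused in capability mode. */
static int model_open(unsigned wanted) {
    return in_capmode ? -M_ECAPMODE : alloc_fd(wanted);
}

/* openat(2) is the only way to get new descriptors inside the sandbox: lookup is
 * relative to a directory capability and the new descriptor gets at most the
 * rights of that directory, so the process cannot gain capabilities by itself. */
static int model_openat(int dirfd, const char *path, unsigned wanted) {
    int rc;
    if (in_capmode && (path[0] == '/' || strstr(path, "..")))
        return -M_ECAPMODE;     /* absolute or escaping path (simplified check) */
    if ((rc = model_check(dirfd, CAP_LOOKUP | wanted)) < 0) return rc;
    return alloc_fd(wanted);
}
```

The real kernel does the same checks per syscall in the descriptor lookup path; this model only makes the ordering of those checks and the resulting error codes visible.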