Capsicum project: Ideas needed
Stanislav Sedov
stas at FreeBSD.org
Thu Sep 8 10:14:42 UTC 2011
On Fri, 8 Jul 2011 15:09:52 +0400
"Ilya Bakulin" <webmaster at kibab.com> mentioned:
> [CCing Ben, Robert and Jonathan as it's very important for me to receive
> their feedback about my thoughts]
>
> Let me focus on those application ideas that you've mentioned. All the
> following are my thoughts and this may be incorrect, in this case please
> correct me.
>
> > -any server software
> Yes, server software is a good candidate for bringing cap.mode in. Though
> this applies to servers that do not include in-process support for
> interpreters (ie Apache + mod_php), see later why. Such software as nginx,
> lighttpd is OK. Speaking about base system components, this list includes
> inetd daemons (but modification of inetd itself is NOT sufficient and
> ineffective, capability support implies modifying code of daemons)
I would also suggest our Heimdal Kerberos implementation as it performs
a lot of non-trivial ASN.1 and GSSAPI decapsulation/encapsulation when
processing packets and we saw a lot of vulenrabilities in the past in
these areas. Unfortunately, Heimdal will be probably to large to break
into compartments.
--
Stanislav Sedov
ST4096-RIPE
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
More information about the freebsd-hackers
mailing list