Malicious root user sandboxing
Ed Maste
emaste at freebsd.org
Mon May 25 20:29:02 UTC 2020
On Mon, 25 May 2020 at 14:00, Ihor Antonov <ihor at antonovs.family> wrote:
>
> I was looking at Capsicumizer and it looks very interesting.
> The only reason I was hesitant is that this is an external application, not a
> FreeBSD core. Is it going to be included in FreeBSD in some distant future?
There are no explicit plans at this point and right now I would
describe it as a solid proof of concept - it works well, but only a
limited amount of functionality is supported by libpreopen. That said,
I would be very happy to see it developed further and become a
component of FreeBSD.
More information about the freebsd-security
mailing list