IDMS : Weekly status report #1 of 14

[David Chisnall]

Hi Ambrarish,

The fetch utility has been the case study for a lot of the compartmentalisation work on Capsicum so far.  Have you considered how the download manager will handle exploitable bugs in, for example, the HTTP header parsing in libfetch?  I note that your plan is to use a thread, rather than a forked process, for each request, which means that it can not run in sandboxed mode.  

What privilege do you imagine the daemon running with?  One of the problems with fetch currently is that it is often invoked as root when downloading ports distfiles and so runs with ambient privilege of the root user.

David

On 27 Jun 2013, at 13:55, Ambarisha B <b.ambarisha at gmail.com> wrote:

> Hi,
> 
> I'll working on Intelligent download manager service (dms) for the ports
> collection this summer.
> 
> This week I've worked on dmclient which will be a replacement to the
> "fetch" program. I took the code of fetch(1) and replaced all the calls
> into libfetch with my own dm* calls which request the DM service to fetch
> the file instead of fetching the files independently. This week I'll finish
> the basic DM server and will be able to test the client against it.
> 
> My tentative schedule is on the project wiki page at :
> https://wiki.freebsd.org/SummerOfCode2013/IntellegentDownloadManager
> 
> Cheers
> Ambarish
> _______________________________________________
> soc-status at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/soc-status
> To unsubscribe, send any mail to "soc-status-unsubscribe at freebsd.org"