Adapt some language based on "Capsicum: practical capabilities for UNIX" https://www.cl.cam.ac.uk/research/security/capsicum/papers/2010usenix-security-capsicum-website.pdf
Details
Details
Diff Detail
Diff Detail
- Repository
- rG FreeBSD src repository
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
Comment Actions
Add reference to paper
@lattera-gmail.com we've had some discussion on the challenges in adapting or designing software for sandboxing, and we haven't had great documentation on that. Would you have a look at this patch and let me know if this is a start to make some of the concepts more clear?
share/man/man4/capsicum.4 | ||
---|---|---|
189 | (applied locally) |
share/man/man4/capsicum.4 | ||
---|---|---|
77 | These numbers are a bit outdated: the number of MIBs is device-dependent (my laptop has something like 15,000) and I see something like 60 references to CTLFLAG_CAPRD in main. |
Comment Actions
Update sysctl numbers
share/man/man4/capsicum.4 | ||
---|---|---|
77 | Huh sysctl -aN | wc -l on my laptop is 19463. |