Capsicum: practical capabilities for UNIX
Venue
Proceedings of the 19th USENIX Security Symposium (2010)
Publication Year
2010
Authors
Robert N. M. Watson, Jonathan Anderson, Ben Laurie, Kris Kennaway
Abstract
Capsicum is a lightweight operating system capability and sandbox framework
planned for inclusion in FreeBSD 9. Capsicum extends, rather than replaces, UNIX
APIs, providing new kernel primitives (sandboxed capability mode and capabilities)
and a userspace sandbox API. These tools support compartmentalisation of
monolithic UNIX applications into logical applications, an increasingly common goal
supported poorly by discretionary and mandatory access control. We demonstrate
our approach by adapting core FreeBSD utilities and Google’s Chromium web browser
to use Capsicum primitives, and compare the complexity and robustness of Capsicum
with other sandboxing techniques.
