Awesome man :-) Keep it up !
On Mon, Jul 29, 2013 at 10:29 AM, Joris Giovannangeli < [email protected]> wrote:
> Hi,
>
> This week I've been stabilizing my work a bit more. The implementation
> is still rough but "functional". I've finished the capability mode by
> modifying the syscall path and the syscall table to check if a syscall is
> allowed in capability mode and return ECAPMODE if not. I've converted
> most of the holdfp calls to check capability rights, but there are still
> some calls I must read more carefully to find which rights they need.
> I've made the nlookup path return ECAPMODE when doing a non-relative
> lookup. For now, the code is not perfect because I can leak information
> from outside the sandbox. Indeed, if an early error is returned, I don't
> check if the current namecache entry is still in the sandbox before returning the
> error (EEXIST, ENOENT, etc.). This is a bug. I've been trying to modify
> this behaviour, but for now, it's completely broken.
> To test the work, I've ported the capsicum-enabled bzip2 a student has
> done for FreeBSD during GSoC:
> https://svnweb.freebsd.org/socsvn/soc2013/dpl/head/ . I've run it on a
> vkernel, and it can compress and decompress files w/o trouble.
>
> Joris
>
> --
> This message is strictly personal and the opinions expressed do not represent those of my employers, either past or present.
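The two mechanisms Joris describes, a syscall-table flag checked on the syscall entry path and a name lookup that refuses non-relative paths in capability mode, together with the error-ordering bug he mentions, can be modelled in a few dozen lines of userland C. The block below is an added illustration and is not DragonFly BSD's code nor Joris's port: `struct proc`, `struct sysent`, the syscall numbers, the policy flags, the in-memory "namecache" of existing paths and the fallback value for `ECAPMODE` (FreeBSD's number, supplied only when the host headers lack it) are all constructed here. `nlookup_buggy` shows why returning ENOENT before the sandbox check lets a sandboxed process learn whether a path outside the sandbox exists; `nlookup_fixed` checks sandbox membership first so the error code no longer depends on that.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ECAPMODE is a FreeBSD errno and is absent from Linux headers; FreeBSD's
 * value is assumed here purely so the example builds everywhere. */
#ifndef ECAPMODE
#define ECAPMODE 94
#endif

struct proc {
    bool in_capmode;            /* set once the process entered capability mode */
};

/* --- name lookup ---------------------------------------------------------- */

/* Constructed stand-in for the namecache: the only paths that "exist". */
static const char *const existing_paths[] = { "/etc/passwd", "/tmp/work/in.txt", "data.bz2" };

static bool path_exists(const char *path)
{
    for (size_t i = 0; i < sizeof existing_paths / sizeof existing_paths[0]; i++)
        if (strcmp(existing_paths[i], path) == 0)
            return true;
    return false;
}

static bool is_relative(const char *path) { return path[0] != '/'; }

/* The ordering bug from the message: an early error (ENOENT here) is returned
 * before checking whether the lookup stayed inside the sandbox, so the error
 * code differs depending on whether an outside path exists. */
static int nlookup_buggy(const struct proc *p, const char *path)
{
    if (!path_exists(path))
        return ENOENT;
    if (p->in_capmode && !is_relative(path))
        return ECAPMODE;
    return 0;
}

/* Intended behaviour: decide sandbox membership first, and report the ordinary
 * lookup error only for paths the process was allowed to reach at all. */
static int nlookup_fixed(const struct proc *p, const char *path)
{
    if (p->in_capmode && !is_relative(path))
        return ECAPMODE;
    if (!path_exists(path))
        return ENOENT;
    return 0;
}

/* True if a sandboxed process can distinguish an existing outside path from a
 * missing one by comparing the two error codes it gets back. */
static bool leaks_existence(int (*lookup)(const struct proc *, const char *),
                            const char *existing, const char *missing)
{
    const struct proc sandboxed = { .in_capmode = true };
    return lookup(&sandboxed, existing) != lookup(&sandboxed, missing);
}

/* --- syscall table -------------------------------------------------------- */

typedef int (*sy_call_t)(const struct proc *, const char *);

struct sysent {
    const char *name;
    sy_call_t   handler;
    bool        cap_ok;         /* may be invoked while in capability mode */
};

/* Constructed syscall numbers; a real table is far larger. */
enum { SYS_read = 0, SYS_open, SYS_openat, SYS_socket, NSYSCALLS };

/* read() on an already-open descriptor does no path lookup. */
static int sys_read(const struct proc *p, const char *arg)   { (void)p; (void)arg; return 0; }
static int sys_open(const struct proc *p, const char *path)  { return nlookup_fixed(p, path); }
static int sys_openat(const struct proc *p, const char *path){ return nlookup_fixed(p, path); }
static int sys_socket(const struct proc *p, const char *arg) { (void)p; (void)arg; return 0; }

/* Constructed policy flags, loosely following Capsicum: calls that reach a
 * global namespace on their own (open(2) resolving any path, socket(2) minting
 * a fresh unsandboxed descriptor) are refused in capability mode, while
 * descriptor-relative calls are allowed and rely on the lookup check above. */
static const struct sysent sysent[NSYSCALLS] = {
    [SYS_read]   = { "read",   sys_read,   true  },
    [SYS_open]   = { "open",   sys_open,   false },
    [SYS_openat] = { "openat", sys_openat, true  },
    [SYS_socket] = { "socket", sys_socket, false },
};

/* Model of the syscall entry path: the table flag is tested before the handler
 * runs, so a disallowed call never reaches its argument processing. */
static int syscall_dispatch(const struct proc *p, unsigned code, const char *arg)
{
    if (code >= NSYSCALLS || sysent[code].handler == NULL)
        return ENOSYS;
    if (p->in_capmode && !sysent[code].cap_ok)
        return ECAPMODE;
    return sysent[code].handler(p, arg);
}

int main(void)
{
    const struct proc normal = { false }, sandboxed = { true };
    printf("open(/etc/passwd) outside capmode: %d\n", syscall_dispatch(&normal, SYS_open, "/etc/passwd"));
    printf("open(data.bz2) in capmode: %d (ECAPMODE=%d)\n", syscall_dispatch(&sandboxed, SYS_open, "data.bz2"), ECAPMODE);
    printf("openat(data.bz2) in capmode: %d\n", syscall_dispatch(&sandboxed, SYS_openat, "data.bz2"));
    printf("openat(/etc/passwd) in capmode: %d\n", syscall_dispatch(&sandboxed, SYS_openat, "/etc/passwd"));
    printf("existence leak, buggy lookup: %d, fixed lookup: %d\n",
           leaks_existence(nlookup_buggy, "/etc/passwd", "/etc/missing"),
           leaks_existence(nlookup_fixed, "/etc/passwd", "/etc/missing"));
    return 0;
}
```

The point of `leaks_existence` is that the sandbox decision must be made from the lookup state itself, not from whatever error the filesystem happened to produce first: with the buggy ordering a sandboxed process gets ECAPMODE for `/etc/passwd` but ENOENT for `/etc/missing`, and that difference is the information leak the message describes.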
