Thumbs up! :)

On 07/29/2013 03:11 PM, Loganaden Velvindron wrote:
Awesome man :-)

Keep it up!


On Mon, Jul 29, 2013 at 10:29 AM, Joris Giovannangeli <[email protected]> wrote:

    Hi,

    this week I've been stabilizing my work a bit more. The implementation
    is still rough but "functional". I've finished the capability mode by
    modifying the syscall path and the syscall table to check if a syscall
    is allowed in capability mode and return ECAPMODE if not. I've converted
    most of the holdfp calls to check capability rights, but there are still
    some calls I must read more carefully to find which rights they need.
    I've made the nlookup path return ECAPMODE when doing a non-relative
    lookup. For now, the code is not perfect because I can leak information
    from outside the sandbox. Indeed, if an early error is returned, I don't
    check if the current namecache entry is still in sandbox and return the
    error (EEXIST, ENOENT, etc). This is a bug. I've been trying to modify
    this behaviour, but for now, it's completely broken.
    To test the work, I've ported the capsicum-enabled bzip2 a student has
    done for FreeBSD during GSoC:
    https://svnweb.freebsd.org/socsvn/soc2013/dpl/head/ . I've run it on a
    vkernel, and it can compress and decompress files w/o troubles.

    Joris




--
This message is strictly personal and the opinions expressed do not represent those of my employers, either past or present.






--
Taqi Systems
269-J Jalan Panji
Kampung Chempaka, Kota Bharu, Kelantan 16100

Phone: +6097738657
Mobile: +60199788657

pub   4096R/4C77F88C 2013-04-06 [expires: 2015-04-06]
      Key fingerprint = 2FE1 87FA E775 2E05 CC0F  B3F6 3CB7 C65F 4C77 F88C
uid                  Muhammad Nuzaihan Bin Kamal Luddin <[email protected]>
