BSDCan2014 - Final

BSDCan 2014
The Technical BSD Conference

Mariusz Zaborski
Pawel Jakub Dawidek
Day Talks - Day 1 - Fri May 16 - 2014-05-16
Room Montpetit 202
Start time 13:30
Duration 01:00
ID 486
Event type Lecture
Track Security
Language used for presentation English

Capsicum and Casper - more than a lipstick on a pig

Don't build security on hacks

Capsicum and Casper are FreeBSD's proposal for clean, robust and intuitive application compartmentalization. Today's sandboxing techniques are built on top of existing technologies that were never designed for this sort of protection (chroot(2), rlimit(2), setuid(2), Mandatory Access Control, etc.). Capsicum and Casper provide a rich infrastructure for breaking applications into multiple useful sandboxes, significantly reducing the Trusted Computing Base.

Capsicum is a lightweight OS capability and sandbox framework implementing a hybrid capability system model. The Casper daemon enables sandboxed applications to use functionality that is normally unavailable in capability-mode sandboxes.

The talk will discuss the Capsicum framework, the Casper daemon and its services. It will provide an introduction to these new FreeBSD features based on already implemented examples. The talk will also survey existing portable sandboxing implementations to give a clear picture of how hacky those solutions are.