Note: Do not edit this page yourself unless asked to.

FreeBSD Developer Summit: Capsicum Working Group

6 October 2011 (Thursday), schedule: TBD

Overview

This working group focuses on Capsicum ("Practical capabilities for UNIX"), a new security model shipping in FreeBSD 9.0. The main goals of the workshop are to review the status of Capsicum integration for FreeBSD 9.x, identify applications for Capsicum conversion, identify gaps in Capsicum functionality, and brainstorm solutions to problems and potential future directions.

If you would like to participate, contact the chair persons below and CC devsummit@. You will be then added to this page. Please include a list of things you want to talk about or the areas you are interested in. This helps in planning the session and to bring people together with common interests.

Goals

In particular, we would like to cover the following topics. This is not an exhaustive list and if you feel there is something missing that you want to talk about, contact the session chairs and your topic will be included here. Note that the numbering of the topics does not represent an ordering or importance indication of any kind, but rather a reference to the second table with the "topic of interest" column.

Topics

#

Topic description

1

Finalise ioctl API so that white-listed ioctls can be granted to a sandbox without granting all ioctls

2

Discuss sandboxed access to DNS and authentication services

3

Migrating to a "privilege upgrade" rather than "privilege downgrade" login model

4

Updating and upstreaming Capsicum patches for Chromium

5

libcapsicum

6

9.1 agenda

7

connectat(2) and bindat(2)

8

pdwait(2)

9

Updating and upstreaming Chromium patches

10

General brainstorming

Note: General presentations about work you have done that does not require further discussions should be submitted for the FreeBSD Developers' Summit track at EuroBSDcon (see general developer summit page).

Attending

In order to attend you need register for the developer summit as well as by email for the session and be confirmed by the working group organizer. Follow the guidelines described on the main page or what you received by email. For questions or if in doubt ask the session chairs, Robert Watson, Jonathan Anderson, and Ben Laurie. There are 20 seats.

Please do NOT add yourself here. Your name will appear automatically once you received the confirmation email. You need to put your name on the general developer summit attendees list though.

#

Name

Username / Affiliation

Topics of Interest

Notes

1

RobertWatson

rwatson, Cambridge

Session chair (1 / 2)

2

JonathanAnderson

jonathan, Cambridge

Session chair (2 / 2)

3

BjoernZeeb

bz

4

DiachiGoto

daichi

5

IlyaBakulin

kibab

6

PawelJakubDawidek

pjd, Wheel Systems

7

ReneLadan

rene

8

GlebKurtsou

gleb

9

Gleb Smirnoff

glebius

10

Jilles Tjoelker

jilles

11

Dag-Erling Smorgrav

des

12

IliasMarinos

marinosi

13

BrooksDavis

brooks

14

Johan van Selst

johans

15

16

17

18

19

20

201110DevSummit/Capsicum (last edited 2011-10-06 08:23:58 by JonathanAnderson)