Student: Daniel Peyrolón (dpl@freebsd.org)
Mentor: Brooks Davis (brooks@freebsd.org)
Project description
During this project I will port the following to Capsicum:
- bzip2
- xz
- zip
- libavcodec
In the process, some libcapsicum refinements will be done. This way I can make the process of porting applications to Capsicum as easy as possible.
Finally, I will write some documentation on how to port applications to Capsicum, trying to expand the part on that same topic in the Capsicum paper.
Approach to solving the problem
I will do the project working in HEAD, using the latest Capsicum interface.
The approach is fairly simple:
- Look for all the files opened during the program execution, and limit them.
- Search for the earliest moment in the program execution where we can enter capability mode, and enter it.
Of course, it's not that simple. Sometimes I will have to write some kind of wrapper around the file descriptors, or do some architectural changes to make the program run stably using Capsicum.
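The two steps above, as an added example that is not code from this project: a file-to-file filter that opens its descriptors, limits them, and enters capability mode before reading any input. It assumes the current FreeBSD `<sys/capsicum.h>` interface; `filter()` is a hypothetical stand-in for the compression loop, and on platforms without Capsicum the code still builds but runs unsandboxed.

```c
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#ifdef __FreeBSD__
#include <sys/capsicum.h>
#endif
/* Limit each descriptor to what the filter needs, then enter capability mode. */
static int sandbox(int in_fd, int out_fd)
{
#ifdef __FreeBSD__
    cap_rights_t rd, wr;
    cap_rights_init(&rd, CAP_READ);
    cap_rights_init(&wr, CAP_WRITE);
    /* ENOSYS means the kernel lacks Capsicum: continue unsandboxed. */
    if ((cap_rights_limit(in_fd, &rd) < 0 || cap_rights_limit(out_fd, &wr) < 0 ||
         cap_enter() < 0) && errno != ENOSYS)
        return -1;
#else
    (void)in_fd; (void)out_fd; /* assumption: no Capsicum on this platform */
#endif
    return 0;
}

/* Hypothetical stand-in for the (de)compression loop: copies bytes through. */
static long filter(int in_fd, int out_fd)
{
    char buf[4096];
    long total = 0;
    ssize_t n;
    while ((n = read(in_fd, buf, sizeof buf)) > 0) {
        if (write(out_fd, buf, (size_t)n) != n)
            return -1;
        total += n;
    }
    return n < 0 ? -1 : total;
}

/* Open every file first, sandbox, and only then touch the untrusted input. */
long run_filter(const char *in_path, const char *out_path)
{
    int in_fd = open(in_path, O_RDONLY);
    int out_fd = open(out_path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    long n = -1;
    if (in_fd >= 0 && out_fd >= 0 && sandbox(in_fd, out_fd) == 0)
        n = filter(in_fd, out_fd);
    if (in_fd >= 0) close(in_fd);
    if (out_fd >= 0) close(out_fd);
    return n;
}
```

Once `cap_enter()` has succeeded, any later `open()` by path fails with `ECAPMODE`, which is why every file must be opened before the sandbox is entered.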
Milestones
- Community bonding: I will learn the different strategies for porting applications to Capsicum, by reviewing the diffs or the ported code.
- June 17: Start of coding.
- July 1: Port bzip2 to use Capsicum.
- July 15: Port xz.
- July 29: Port zlib.
- July 29-August 2: Mid-term Evaluations
- August 5: Learn about libavcodec's structure.
- August 26: Port libavcodec, which could then be used transparently.
- September 9: Here, I could do two things:
  - Update the Capsicum-powered Chromium.
  - Search some library used by many applications, and port it.
- September 16: Performance testing and if the Capsicum-powered libavcodec should be on the FreeBSD ports, write some patches for that.
- September 16: End of coding (soft)
- September 23: Write documentation/recommendations on how to port software to Capsicum.
- September 23: End of coding (hard)
Test Plan
- Test code with its test suite. If not found, I will edit its Makefiles to test the programs. Every test suite has to:
  - Check correct working of program.
  - Check that all the program options work as intended.
  - Check that Capsicum works as intended with them (for instance, doing forbidden operations with the ported code).
- Finally, I will also do a performance comparison with every application (that will come after September 9).
If they seem good enough, they can be used in the base system, since they will be much more secure.
Links
Code of the project
Capsicum
Links to the manuals are from FreeBSD 9-CURRENT