A TrustedBSD "voluntary sandbox" policy.

Andrea Campi andrea+freebsd_hackers at webcom.it
Thu Nov 8 06:34:40 PST 2007


On Wed, Nov 07, 2007 at 10:20:28PM -0500, dexterclarke at Safe-mail.net wrote:
> I'm considering developing a policy/module for TrustedBSD loosely based
> on the systrace concept - A process loads a policy and then executes
> another program in a sandbox with fine grained control over what that
> program can do.
...
> Please note that the 'policy' given on the command line is purely for 
> the sake of example, no syntax or semantics have been decided upon.

Can't comment on the implementation or wider issues, but if you
pursue this, please have a look at how MacOS Leopard does it
(Seatbelt). Would be nice to converge on both syntax (a Schema
dialect) and tool names / command line args--or if converging is not
possible, at least know where and why and make a conscious decision.

Bye,
	Andrea

-- 
If it's there, and you can see it, it's real. If it's not there, and you can see it, it's virtual. If it's there, and you can't see it, it's transparent. If it's not there, and you can't see it, you erased it.
