svn commit: r46968 - head/en_US.ISO8859-1/htdocs/news/status

Tue Jul 14 14:20:29 UTC 2015

Author: wblock
Date: Tue Jul 14 14:20:28 2015
New Revision: 46968
URL: https://svnweb.freebsd.org/changeset/doc/46968

Log:
  Add Ed Schouten <ed at nuxi.nl>'s CloudABI report.

Modified:
  head/en_US.ISO8859-1/htdocs/news/status/report-2015-04-2015-06.xml

Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2015-04-2015-06.xml
==============================================================================

--- head/en_US.ISO8859-1/htdocs/news/status/report-2015-04-2015-06.xml	Tue Jul 14 11:44:59 2015	(r46967)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-04-2015-06.xml	Tue Jul 14 14:20:28 2015	(r46968)
@@ -906,4 +906,69 @@
 	Steve Kargl decide to call it a day.</p>
     </body>
   </project>
+
+  <project cat='kern'>
+    <title>CloudABI: Capability-Based Runtime Environment</title>
+
+    <contact>
+      <person>
+	<name>
+	  <given>Ed</given>
+	  <common>Schouten</common>
+	</name>
+	<email>ed at FreeBSD.org</email>
+      </person>
+    </contact>
+
+    <links>
+      <url href="https://github.com/NuxiNL/cloudlibc">CloudABI on GitHub</url>
+      <url href="https://github.com/NuxiNL/freebsd">FreeBSD patchset on GitHub</url>
+    </links>
+
+    <body>
+      <p>CloudABI is a compact UNIX-like runtime environment that is
+	purely based on capability-based security (Capsicum).  All
+	features that are incompatible with this model have been
+	removed.  Advantages of using a pure capability-based
+	environment include improved security, testability, and
+	reusability.  CloudABI should make it possible to run
+	arbitrary third-party executables directly on top of &os;
+	without any impact on system security, making it a good
+	building block for a cluster/cloud computing setup.  See
+	<a href="https://github.com/NuxiNL/cloudlibc">the project on GitHub</a>
+	for a more detailed explanation.</p>
+
+      <p>Last month I added a number of packages for the &os; Ports
+	tree.  We now have a full C/C++ cross compiler that can be
+	installed very easily
+	(<a href="http://www.freshports.org/devel/cloudabi-toolchain">devel/cloudabi-toolchain</a>).
+	I also imported a tool called <tt>cloudabi-run</tt> that can
+	be used to start programs safely, only granting access to
+	files and network sockets listed in the program's
+	configuration file
+	(<a href="http://www.freshports.org/sysutils/cloudabi-utils">sysutils/cloudabi-utils</a>).</p>
+
+      <p>I have also imported some kernelspace modifications into the
+	&os; source tree for executing CloudABI programs.  After all
+	of these changes have been imported, just loading a kernel
+	module will allow executing CloudABI programs.  Right now, the
+	"cloudabi" branch on GitHub is still required.</p>
+    </body>
+
+    <sponsor>
+      Nuxi, the Netherlands
+    </sponsor>
+
+    <help>
+      <task>
+	<p>Polish up the kernelspace modifications and send them out
+	  for review.</p>
+      </task>
+
+      <task>
+	<p>Complete the Linux and NetBSD kernel patchsets and send
+	  those out to the respective maintainers.</p>
+      </task>
+    </help>
+  </project>
 </report>
