Re: Using FreeBSD Capsicum for program and library sandboxing

[Ben Laurie <benl () google com>]

On 15 May 2012 02:52, Solar Designer <solar () openwall com> wrote:
> Hi,
>
> A couple of days ago, Ben Laurie posted to the Secure Coding list about
> using FreeBSD's experimental Capsicum support in the kernel to sandbox
> bzip2 and libtiff ("wrapping it such that the calling application is
> unaware it is wrapped") - as two initial examples, I presume.  I found
> this very interesting.

Thanks.

If you want to see the libtiff work, it's here:
https://github.com/benlaurie/libtiff

So far, I've wrapped enough (transparently!) to make a couple of
trivial applications work. These are slightly cut-down versions of a
couple of apps provided with libtiff. They're cut down because they
add custom tags, which means registering callbacks, and I haven't
designed how to wrap that yet :-)

Before I do, I want to move onto a more "real" application. Not sure
what I should choose, though, so suggestions are welcome...

All new code is the wrapped/ subdirectory - so far I have not had to
make any changes to libtiff, which is nice, but I do not rule it out.

This one includes a rudimentary RPC compiler.