BSDCan2017 - 0722d
BSDCan 2017
The Technical BSD Conference
| | |
|---|---|
| Speakers | Stephen Herwig |
| Day | Talks #2 - 10 June (2017-06-10) |
| Room | DMS 1120 |
| Start time | 14:45 |
| Duration | 01:00 |
| ID | 835 |
| Event type | Lecture |
| Track | Security |
| Language used for presentation | English |
secmodel_sandbox: An application sandbox for NetBSD
We introduce a new security model for NetBSD -- secmodel_sandbox -- that allows per-process policies for restricting privileges. Privileges correspond to kauth authorization requests, such as a request to create a socket or read a file, and policies specify the sandbox's decision: deny, defer, or allow.
Processes may apply multiple sandbox policies to themselves, in which case the policies stack, and child processes inherit their parent's sandbox. Sandbox policies are expressed in Lua, and the evaluation of policies uses NetBSD 7's experimental in-kernel Lua interpreter. As such, policies may express static authorization decisions, or may register Lua functions that secmodel_sandbox invokes for a decision.
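To make the semantics in the abstract concrete, the following is an added Python model of per-process policies that return deny, defer or allow for kauth-style requests, that stack, and that are inherited across fork. It is not secmodel_sandbox's code and does not use its Lua API; the request names (`network.socket.open`, `vnode.write_data`) only loosely follow kauth(9)'s scope/action/request layout, and the combining rule (any deny wins, otherwise any allow, otherwise defer to the remaining security models) is an assumption about how stacked policies should compose, not something the abstract specifies.

```python
# Added model of stacked per-process sandbox policies. Not secmodel_sandbox's
# own code or its Lua policy API; request names loosely follow kauth(9)'s
# scope/action/request layout, and the combining rule is an assumption.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Union

DENY, DEFER, ALLOW = "deny", "defer", "allow"


@dataclass(frozen=True)
class Request:
    """A kauth-style authorization request, e.g. ("network", "socket", "open")."""
    scope: str
    action: str
    req: str = ""
    arg: Optional[str] = None  # e.g. address family, for hook functions to inspect

    def keys(self) -> List[str]:
        # Most specific name first: scope.action.req, then scope.action, then scope.
        full = ".".join(p for p in (self.scope, self.action, self.req) if p)
        return [full, f"{self.scope}.{self.action}", self.scope]


# A rule is either a static decision or a hook invoked for a decision.
Rule = Union[str, Callable[[Request], str]]


class Policy:
    """One sandbox policy: static decisions or hook functions keyed by request name."""

    def __init__(self, default: str = DEFER):
        self.default = default
        self.rules: Dict[str, Rule] = {}

    def on(self, name: str, rule: Rule) -> "Policy":
        self.rules[name] = rule
        return self

    def evaluate(self, request: Request) -> str:
        for key in request.keys():
            rule = self.rules.get(key)
            if rule is not None:
                return rule(request) if callable(rule) else rule
        return self.default


class Process:
    """A process carrying a stack of sandbox policies; children inherit the stack."""

    def __init__(self, pid: int, policies: Optional[List[Policy]] = None):
        self.pid = pid
        self.policies: List[Policy] = list(policies or [])

    def sandbox(self, policy: Policy) -> None:
        self.policies.append(policy)  # stacking: policies only ever accumulate

    def fork(self, child_pid: int) -> "Process":
        return Process(child_pid, self.policies)  # child inherits a copy of the stack

    def authorize(self, request: Request) -> str:
        # Assumed combining rule: any deny wins; otherwise any allow;
        # otherwise defer, i.e. hand the request to the other security models.
        decisions = [p.evaluate(request) for p in self.policies]
        if DENY in decisions:
            return DENY
        if ALLOW in decisions:
            return ALLOW
        return DEFER


def unix_sockets_only(request: Request) -> str:
    """Hook: allow only AF_LOCAL sockets, deny every other address family."""
    return ALLOW if request.arg == "AF_LOCAL" else DENY


def demo() -> Dict[str, str]:
    """Constructed scenario: a parent with one policy, a child that adds a second."""
    parent = Process(pid=100)
    parent.sandbox(Policy().on("network.socket.open", unix_sockets_only))
    child = parent.fork(child_pid=101)
    child.sandbox(Policy().on("vnode.write_data", DENY))  # static decision
    sock = lambda proc, fam: proc.authorize(Request("network", "socket", "open", fam))
    return {
        "parent_inet_socket": sock(parent, "AF_INET"),
        "child_unix_socket": sock(child, "AF_LOCAL"),
        "child_inet_socket": sock(child, "AF_INET"),
        "parent_write": parent.authorize(Request("vnode", "write_data")),
        "child_write": child.authorize(Request("vnode", "write_data")),
        "child_read": child.authorize(Request("vnode", "read_data")),
    }


if __name__ == "__main__":
    for name, decision in demo().items():
        print(f"{name}: {decision}")
```

The scenario shows the three properties the abstract lists: the parent's hook denies the AF_INET socket, the child inherits that hook and adds a second, static policy that denies writes without touching the parent, and requests no policy mentions come back as defer, so the other security models (for example the superuser model) still decide them.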