- Add 2013Q4 report on Capsicum and Casper

Submitted by: pjd
svn path=/head/; revision=43511
2014-01-14 17:04:54 +00:00 · 2014-01-14 17:04:54 +00:00 · 5a93ae2d31 · 2020-12-08 03:00:23 +00:00
commit 5a93ae2d31
parent e7e452b844
1 changed files with 44 additions and 1 deletions
--- a/en_US.ISO8859-1/htdocs/news/status/report-2013-10-2013-12.xml
+++ b/en_US.ISO8859-1/htdocs/news/status/report-2013-10-2013-12.xml
@ -19,7 +19,7 @@

    <!-- XXX: Keep updating the number of entries -->
    <p>Thanks to all the reporters for the excellent work!  This report
-      contains 24 entries and we hope you enjoy reading it.</p>
+      contains 25 entries and we hope you enjoy reading it.</p>

    <p>The deadline for submissions covering between January and
      March 2014 is April 7th, 2014.</p>
@ -1372,4 +1372,47 @@ device vt_vga</pre>
 	<task>CJK fonts (in progress).</task>
    </help>
  </project>
+
+  <project cat='bin'>
+    <title>Capsicum and Casper</title>
+
+    <contact>
+      <person>
+	<name>
+	  <given>Pawel Jakub</given>
+	  <common>Dawidek</common>
+	</name>
+	<email>pjd@FreeBSD.org</email>
+      </person>
+    </contact>
+
+    <links>
+      <url href="http://freebsdfoundation.blogspot.com/2013/12/freebsd-foundation-announces-capsicum.html"/>
+    </links>
+
+    <body>
+      <p>Capsicum is a lightweight OS capability and sandbox framework
+	implementing a hybrid capability system model.  The Casper
+	daemon enables sandboxed application to use functionality
+	normally unavailable in capability-mode sandboxes.</p>
+
+      <p>The Casper daemon, <tt>libcasper</tt>, <tt>libcapsicum(3)</tt>,
+	<tt>libnv(3)</tt> and Casper services (<tt>system.dns</tt>,
+	<tt>system.grp</tt>, <tt>system.pwd</tt>, <tt>system.random</tt>
+	and <tt>system.sysctl</tt>) have been committed to &os;
+	<tt>head</tt>.  The <tt>tcpdump(8)</tt> utility in <tt>head</tt>
+	now uses the <tt>system.dns</tt> service to do DNS lookups.  The
+	<tt>kdump(1)</tt> utility in <tt>head</tt> now uses the
+	<tt>system.pwd</tt> and <tt>system.grp</tt> services to convert
+	user and group identifiers to user and group names.</p>
+
+      <p>There is ongoing work to sandbox more applications.  If you are
+	interested in helping to make &os; more secure and would like to
+	learn about Capsicum and Casper, do not hesitate to contact
+	Pawel &mdash; he can provide candidate programs that could use
+	sandboxing.</p>
+
+      <p>The work was sponsored by The &os; Foundation.</p>
+    </body>
+  </project>
 </report>