Fwd: [capsicum] Capsicum USENIX Security 2010 paper now online

Dear all:

This paper might be of interested to TrustedBSD-centric folk; it's on some new work we've been doing relating to capability-oriented security design in FreeBSD. There's a mailing list for Capsicum hosted at the University of Cambridge, which can be found via the Capsicum web site:


Once we've done more iteration, improvement, review, etc, the goal is to merge the supporting kernel features into FreeBSD 9-CURRENT.


Robert Watson
University of Cambridge
Computer Laboratory

Begin forwarded message:

From: "Robert N. M. Watson" <robert.watson@xxxxxxxxxxxx>
Date: 2 June 2010 11:25:53 GMT+01:00
To: cl-capsicum-discuss@xxxxxxxxxxxxxxx
Subject: [capsicum] Capsicum USENIX Security 2010 paper now online

The final version of the USENIX Security 2010 paper on Capsicum is now up on our web site:


We plan to release an extended technical report version of the paper that includes more detail on a number of design choices, additional reference material, etc. With any luck that will be available by the end of July.

We greatly appreciate all the comments and suggestions we've had from the budding Capsicum user community and capability research communities, as well as from Steve Bellovin, who shepherded the paper. Likewise, we express appreciation to our research sponsors, and especially to Google for their support and contributions throughout the project.

The next publication target is a short paper on file system containment that Jon and I will be giving at the Analysis of Security APIs workshop in a month, which looks at file system concurrency issues in sandbox design. Following that, the hope is to do a longer design patterns paper on application structure and decomposition, but not much done on that yet.

Robert Watson
University of Cambridge
Computer Laboratory

trustedbsd-discuss@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "trustedbsd-discuss-unsubscribe@xxxxxxxxxxx"

freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"