provided a detailed tour of Capsicum and CloudABI.
- AppArmor is an after thought
- Puts the burden back on users
- Not linked to security policies.
- Capsicum is a FreeBSD method that sandboxes software
- Works well with small applications but doesn't scale.
- Questions why UNIX can't run third party binaries safely.
What is CloudABI?
- CloudABI is a POSIX-like runtime environment based on Capsicum.
- Capability based security with less foot shooting.
- Global namespaces are entirely absent
- By default can only perform actions with no global impact.
- Symbiosis, not assimilation as it can run side by side with traditional
- File descriptors are used to provide additional rights.
- Provided an example of using CloudABI to provide a secure web service.
- You can use wrappers to provide features missing from CloudABI.
- Only has 58 system calls. Incredibly compact.
- Working towards having support for more POSIX operating systems.
- Allows reuse of binaries without compilation.
- Provided an example of a simple CloudABI ls program.
- How to execute it via the shell
- Feels there's scalability problems with CloudABI.
- Wrote cloudabi-run to make it feel less clunky to run.
- Replace CLI arguments with a YAML file.
- Easy to configure.
- Impossible to invoke programs with the wrong file
- Reduces start-up complexity.
- Gave an example of CloudABI as the basis of a cluster management suite.
- Provides a 100% accurate dependency graph.
- Gave an example of "CloudABI as a Service".