| dbo:abstract |
Capsicum is an implementation of capability-based security for UNIX and similar systems. Presented at USENIX 2010, the system is part of FreeBSD since its 9.0 release. It has also been adapted to Linux and DragonflyBSD in the form of kernel patches. The system works by chunking the normal permissions up into very small pieces. When a process enters capsicum mode, it loses all permissions normally associated with its controlling user, with the exception of "capabilities" it already has in the form of file descriptors. A process can also receive capabilities via Unix sockets. These file descriptors not only control access to the file system, but also to other devices like the network sockets. Flags are also used to control more fine-grained access like reads and writes. (en) |
| dbo:wikiPageID |
63602390 (xsd:integer) |
| dbo:wikiPageLength |
2553 (xsd:nonNegativeInteger) |
| dbo:wikiPageRevisionID |
1026880441 (xsd:integer) |
| dbo:wikiPageWikiLink |
dbr:Application_binary_interface dbr:Unix-like dbr:FreeBSD dbr:Linux dbr:Patch_(computing) dbr:USENIX dbr:WebAssembly dbr:POSIX dbr:Flag_(computing) dbc:Access_control dbc:Computer_security_models dbc:Capability_systems dbr:File_descriptor dbr:File_system dbr:Instruction_set_architecture dbr:Capability-based_security dbr:System_call dbr:Unix_socket dbr:DragonflyBSD dbr:UNIX |
| dbp:wikiPageUsesTemplate |
dbt:As_of dbt:Reflist dbt:Object-capability_security dbt:Man |
| dct:subject |
dbc:Access_control dbc:Computer_security_models dbc:Capability_systems |
| rdfs:comment |
Capsicum is an implementation of capability-based security for UNIX and similar systems. Presented at USENIX 2010, the system is part of FreeBSD since its 9.0 release. It has also been adapted to Linux and DragonflyBSD in the form of kernel patches. (en) |
| rdfs:label |
Capsicum (Unix) (en) |
| owl:sameAs |
wikidata:Capsicum (Unix) https://global.dbpedia.org/id/BurFy |
| prov:wasDerivedFrom |
wikipedia-en:Capsicum_(Unix)?oldid=1026880441&ns=0 |
| foaf:isPrimaryTopicOf |
wikipedia-en:Capsicum_(Unix) |
| is dbo:wikiPageRedirects of |
dbr:CloudABI |
| is dbo:wikiPageWikiLink of |
dbr:CloudABI dbr:WebAssembly dbr:Capability-based_security dbr:Seccomp |
| is foaf:primaryTopic of |
wikipedia-en:Capsicum_(Unix) |