New Sandbox Framework For Chromium Released 109
Trailrunner7 writes "As applications have become more and more complex in recent years and Web browsers have evolved into operating systems unto themselves, the task of securing desktop environments has become increasingly difficult. And while there's been quite a bit of innovation on Windows security, advances in Unix security have been less common of late. But now, a group of researchers from Google and the University of Cambridge in England have developed a new sandboxing framework called Capsicum, designed specifically to provide better security capabilities on Unix and Unix-derived systems (PDF). Capsicum is the work of four researchers at Cambridge and the framework extends the POSIX API and introduces a number of new Unix primitives that are meant to isolate applications and users and handle rights delegation in a better way. The research, done by Robert N.M. Watson, Ben Laurie, Kris Kennaway and Jonathan Anderson, was supported by Google, and the researchers have added some of the new Capsicum features to a version of Google's Chromium browser in order to demonstrate the functionality."
Chromium Browser? (Score:2, Insightful)
Is this supposed to be the Google Chrome browser? Or do they mean literally a browser in their upcoming OS Chromium?
Re:Kinda of misleading. (Score:3, Insightful)
Re:Academic Foolishness (Score:5, Insightful)
I presume that you didn't actually read the API man pages. The interface follows squarely in the footsteps of the Unix design philosophy. No PID semantics are being changed, either. They've introduced process descriptors which, among other things, allow you to poll for process exit. They allow you to attach restrictions to descriptors, presumably so that a broker could open resources (files, sockets), restrict the allowable operations, and then pass them to sandboxed applications over a domain socket. It's all quite simple and powerful and exactly what I would love to see incorporated into POSIX.
Re:Academic Foolishness (Score:5, Insightful)
Browsers Interact Directly with Hardware? (Score:2, Insightful)
Web browsers have evolved into operating systems unto themselves
Really? I am unaware of a (common) browser that is able to do much more than work with data...
Let's try to leave the the analogies used to educated luddites out of summaries intended for people that *KNOW* the difference between an OS and an application.
Because their middle name is security (Score:2, Insightful)
Y'know, I'm really glad Google wants to provide a new API for managing security. We need somebody to do this for us - somebody who really knows security, somebody who may as well have security as their middle name [nsa.gov], to come out with an API framework for Mandatory Access Controls [nsa.gov], preferably built right into th operating system kernel of a [fedoraproject.org] major [debian.org] distribution [gentoo.org].
Yes, I'm really glad Google took the initiative on this.
Security innovation (Score:1, Insightful)
... there's been quite a bit of innovation on Windows security ...
What? There has? Do you mean the way it now asks me 'Are you sure you want to give this application a chance to destroy your computer? Y/N' and if I say 'No' I can't use the application?
I mean, if I really want to run that application I have no choice but to click 'Yes' and then if it was a virus after all I'm screwed.
What I'd want is a way to have more control over the program. Maybe put it in a sandbox and trick it into thinking it's got full privileges even though it's really sandboxed so it won't crash or maybe just set advanced settings for that specific application to disallow it from writing to specific registry/files/network/other process' memory.
Re:Security innovation (Score:3, Insightful)
What I'd want is a way to have more control over the program. Maybe put it in a sandbox and trick it into thinking it's got full privileges even though it's really sandboxed so it won't crash or maybe just set advanced settings for that specific application to disallow it from writing to specific registry/files/network/other process' memory.
Which is... umm... pretty much exactly what Windows Vista, Windows 7, and Windows Server 2008 can do.