BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Capsicum: Practical capabilities for UNIX - Robert Watson (Univers
 ity of Cambridge)
DTSTART:20100226T160000Z
DTEND:20100226T163000Z
UID:TALK23313@talks.cam.ac.uk
CONTACT:Jonathan Anderson
DESCRIPTION:Capsicum is a lightweight operating system capability and sand
 box  framework planned for inclusion in FreeBSD 9.\n\nCapsicum extends\, r
 ather than replaces\, UNIX APIs\, providing new  kernel primitives (sandbo
 xed capability mode and capabilities) and a userspace sandbox API. These t
 ools support the compartmentalization of monolithic UNIX applications into
  logical applications.\n\nWe demonstrate our approach by adapting core Fre
 eBSD utilities and Google's Chromium web browser to use Capsicum primitive
 s\, and compare the complexity and robustness of Capsicum with other sandb
 oxing techniques.
LOCATION:Computer Laboratory\, William Gates Building\, Room FW11
END:VEVENT
END:VCALENDAR