Capsicum: practical capabilities for UNIX
Capsicum - Publications, talks, and documentation
Capsicum is an experimental and rapidly evolving system, so documentation on how to use and develop it continues to be a work in progress. Here you can find some of our papers/articles, talks, blog posts, tech news articles, and formal programmer documentation.
Papers, articles, and technical reports
- Watson, R. N. M. New approaches to operating system security extensibility. Technical report UCAM-CL-TR-818, University of Cambridge, Computer Laboratory, April, 2012.
- Watson, R. N. M., Anderson, J., Laurie, B., and Kennaway, K. A Taste of Capsicum: Practical Capabilities for UNIX. Communications of the ACM, Volume 55, Issue 3, March, 2012.
- Gribble, Steven D. Technical Perspective: The Benefits of Capability-Based Protection. Communications of the ACM, Volume 55, Issue 3, March 2012.
- Harris, W. R., Farley, B., Jha, S., and Reps, T. Secure Programming as a Parity Game. Technical report #1694, University of Wisconsin Madison, Computer Sciences Department, July, 2011.
- Watson, R. N. M., Anderson, J., Laurie, B., and Kennaway, K. Introducing Capsicum: practical capabilities for UNIX. In ;login: Magazine, December 2010, Volume 35, Number 6.
- Farley, B. Analyzing Capsicum for Usability and Performance. University of Wisconsin web publication, December 2010.
- Watson, R. N. M., Anderson, J., Laurie, B., and Kennaway, K. Capsicum: practical capabilities for UNIX. In Proceedings of the 19th USENIX Security Symposium, Washington, DC, August 2010. (Best Student Paper, Most Notable Publication 2011 - Cambridge Ring)
Talks
- Watson, R. N. M., Anderson, J. Capsicum working group. Presented at the FreeBSD Developer Summit, BSDCan 2012, Ottawa, Canada, May, 2012.
- Watson, R. N. M., Anderson, J. Capsicum working group summary. Presented at the FreeBSD Developer Summit, EuroBSDCon 2011, Maarssen, the Netherlands, October, 2011.
- Watson, R. N. M. and Anderson, J. Connecting the Dot Dots: Model Checking Concurrency in Capsicum. Presented at 4th International Workshop on Analysis of Security APIs, Edinburgh, Scotland, July 2010.
- Watson, R. N. M., Anderson, J., Laurie, B., and Kennaway, K. Capsicum: practical capabilities for UNIX. Presented at 19th USENIX Security Symposium, Washington, DC, August, 2010. Recording available on YouTube.
Blog posts
- Goodkin, D. New Funded Project: Capsicum Improvements. FreeBSD Foundation Blog, 18 June, 2012. Deb Goodkin announces new Capsicum development jointly funded by the FreeBSD Foundation and Google. Pawel Jakub Dawidek will develop a new libcapsicum and further Capsicum-based applications.
- Laurie, B. Using Capsicum For Sandboxing. Links, 28 April, 2012. Ben Laurie explores Capsicumising bzip2, and more generally, the process of application compartmentalisation.
- Watson, R. N. M. Three-paper Thursday: capability systems. Light Blue Touch Paper, 23 February, 2012. Three papers on capability systems that influenced our thinking for Capsicum and CHERI.
- Watson, R. N. M. FreeBSD 9.0 ships with experimental Capsicum support. Light Blue Touch Paper, 30 January, 2012. Capsicum is highlighted in the FreeBSD 9.0 release announcement and FreeBSD Foundation press release.
- Laurie, B. Capsicum Wins Cambridge Ring Award. Links, 9 March, 2011. Ben Laurie announces that Capsicum has won the Cambridge Ring best publication award for 2010.
- Seaborn, M. An introduction to FreeBSD-Capsicum. Lacking Rhoticity, 4 November, 2010. Mark Seaborn introduces Capsicum's high-level feature set, and considers how it might provide a better platform for his work on PLASH.
- Seaborn, M. Process descriptors in FreeBSD-Capsicum. Lacking Rhoticity, 23 October, 2010. Mark Seaborn talks about process descriptors as a replacement for PIDs in UNIX and Linux.
- Laurie, B. FreeBSD Capsicum. Links, 14 August, 2010. Ben Laurie discusses our Capsicum work.
- Watson, R. N. M. Capsicum: practical capabilities for UNIX. Light Blue Touch Paper, 12 August, 2010. Capsicum is presented at the 19th USENIX Security Symposium, winning Best Student Paper award.
- Laurie, B. Capability Operating Systems. Links, 27 March, 2010. Ben Laurie puts our on-going work on Capsicum into context with a review of recent and historic capability system designs.
Tech news articles
- Cambridge's Capsicum Framework Promises Efficient Security for UNIX/ChromeOS. Slashdot, 25 February, 2012.
- Edge, J. Capsicum: practical capabilities for UNIX. LWN.net, 22 February, 2012.
- Cawrey, D. Capsicum Offers Better Chrome Security, More Robust Development. thechromesource, 16 August, 2010.
- New Sandbox Framework for Chromium Released. Slashdot, 13 August, 2010.
Documentation
- cap_enter(2) - Capability mode system calls (February 25, 2012)
- cap_new(2) - System calls to manipulate capabilities (July 10, 2011)
- pdfork(2) - System calls to manage process descriptors (January 18, 2009)
- rtld-elf-cap(3) - Capability-mode run-time link editor (June 11, 2009)
- libcapsicum(3) - Library interface to capability-mode services (June 11, 2009)
- libcapsicum_fdlist(3) - Library interface to capability-mode services -- file descriptor management API (June 31, 2010)
- libcapsicum_host(3) - Library interface to capability-mode services -- host API (June 11, 2009)
- libcapsicum_sandbox(3) - Library interface to capability-mode services -- sandbox API (June 11, 2009)
