Comment Capability security systems under Linux (Score 2, Informative) 296

The purpose behind the EROS or Coyotos kernels is to provide a *fast* capability-based system. You can build a capability system on top of Linux using sockets and other mechanisms; it'll just be slower. It's easier to build in some ways, but the total complexity (including Linux's complexity) is higher, so you have a bit less confidence about how secure the whole thing is.

An example of this is Plash http://freshmeat.net/projects/plash/. Plash runs processes under Linux with access to nothing by default (by putting them in a chroot() jail, etc.), except that it can make requests to objects via a socket using an object-capability protocol. Plash also provides a modified GNU libc so that normal Linux executables make their filesystem requests as object invocations, basically virtualising the filesystem.

Plash shows how unmodified Unix programs would work under EROS/Coyotos: it provides a shell (similar to Bash) that lets you run Linux programs with access to a limited set of files, in a convenient way.
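The pattern the comment describes (a process that starts with no file access and obtains objects only by asking over a socket) can be sketched as follows. This is an added illustration, not part of the original comment and not Plash's code or wire protocol: the functions `serve`, `request` and `demo`, the `ok`/`denied` replies and the file names are hypothetical, and a thread stands in for the jailed process because `chroot()` needs root.

```python
import os
import socket
import tempfile
import threading

def serve(sock, granted):
    """Authority holder: answer each named request with an open fd, or refuse."""
    while True:
        name = sock.recv(256).decode()
        if not name:                       # peer closed its end of the socket
            return
        path = granted.get(name)           # lookup by granted name only; the
        if path is None:                   # client never supplies a path
            sock.send(b"denied")
            continue
        fd = os.open(path, os.O_RDONLY)
        try:
            socket.send_fds(sock, [b"ok"], [fd])   # SCM_RIGHTS descriptor transfer
        finally:
            os.close(fd)                   # the receiver now holds its own copy

def request(sock, name):
    """Confined side: invoke an object by name; returns a file object or None."""
    sock.send(name.encode())
    msg, fds, _flags, _addr = socket.recv_fds(sock, 16, 1)
    return os.fdopen(fds[0], "rb") if msg == b"ok" and fds else None

def demo():
    """Grant one of two constructed sample files and try three requests."""
    with tempfile.TemporaryDirectory() as d:
        for fname, body in (("notes.txt", b"granted data"),
                            ("secret.txt", b"not granted")):
            with open(os.path.join(d, fname), "wb") as f:
                f.write(body)
        granted = {"notes": os.path.join(d, "notes.txt")}
        server_end, client_end = socket.socketpair()
        worker = threading.Thread(target=serve, args=(server_end, granted))
        worker.start()
        results = {}
        for name in ("notes", "secret", "../secret.txt"):
            f = request(client_end, name)
            results[name] = f.read() if f else None
            if f:
                f.close()
        client_end.close()                 # lets serve() see EOF and return
        worker.join()
        server_end.close()
        return results

if __name__ == "__main__":
    print(demo())
```

The confined side's reach is exactly the set of names in `granted`; a request that looks like a path is just an unknown name, so there is no path for it to traverse.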
