Blog category: FreeBSD
Yet another utility capsicumised!
December 9, 2016 by Paweł Biernacki
I’m pleased to announce that the work on sandboxing the dd utility using Capsicum framework has been successfully
completed and from today it’s available
in FreeBSD-CURRENT.
NAT, pf & jails
November 18, 2016 by Paweł Biernacki
Sometimes you want to use jails on the same hosts that do the NAT. That of course isn’t by any means a complicated task
and pf can do that very easily. The problems begin when you want to connect from one jail to a NATed IP (in the
example 192.168.122.251) to a port that is redirected to another jail on the same system. Here is one of the solutions.
Capsicum and bhyve
October 31, 2016 by Paweł Biernacki
Ever wondered how to protect your host from malicious activity in vm guests? How to keep parts of the hypervisor running in userspace from being a source of access to underlying host? One of the layers can be sandboxing the hypervisor itself!
FreeBSD on Raspberry Pi 3!
October 17, 2016 by Paweł Biernacki
On Friday, 14th October, Oleksandr Tymoshenko committed an initial support for RPI3 into FreeBSD. The system is able to boot in multiuser mode with single processor. SMP is being actively worked on. For now, only the on-board Ethernet chip is supported and we will need to wait awhile for a WiFi and Bluetooth support. The port is quite usable, and what’s more interesting - it’s full 64bit!
Capsicum: add some spice to your FreeBSD
October 10, 2016 by Paweł Biernacki
Application sandboxes are getting more and more popular. There are multiple schools and implementations. Let’s see how to use the FreeBSD’s Capsicum.
