Cambridge's Capsicum Framework Promises Efficient Security For UNIX/ChromeOS

Posted by timothy on Saturday February 25, 2012 @12:33PM from the sounds-spicy dept.

An anonymous reader writes "Communications of the ACM is carrying two articles promoting the Capsicum security model developed by Robert Watson (FreeBSD — Cambridge) and Ben Laurie (Apache/OpenSSL, ChromeOS — Google) for thin-client operating systems such as ChromeOS. They demonstrate how Chrome web browser sandboxing using Capsicum is not only stronger, but also requires only 100 lines of code, vs 22,000 lines of code on Windows! FreeBSD 9.0 shipped with experimental Capsicum support, OpenBSD has patches, and Google has developed a Linux prototype." While the ACM's stories are both paywalled, the Capsicum project itself has quite a bit of information online in the form of various papers and a video, as well as links to (BSD-licensed) code and to various subprojects.

1 of 87 comments (clear)

Min score:

Reason:

Sort:

our first solid metric by Xtifr · 2012-02-25 12:44 · Score: 5, Funny

So, we have our first solid metric: it's 220 times as hard to make Windows secure as it is for BSD or Linux.
(Xtifr runs and hides before the angry crowd of humorless astroturfers with mod points arrives.) :)