FreeBSD Multimedia Resources List
Links on this page refer to multimedia resources (podcast, vodcast, audio recordings, video recordings, photos) related to FreeBSD or of interest for FreeBSD users.
If you know any resources not listed here, or notice any dead links, please send details to Edwin Groothuis so that it can be included or updated.
Tag: process isolation
Kristaps Dzonsons - Process isolation for NetBSD and OpenBSD
Added: 24 May 2009
Tags: dcbsdcon, dcbsdcon2009, slides, openbsd, netbsd, process isolation, kristaps dzonsons
PDF (687 Kb, 27 pages)
In NetBSD and OpenBSD, user-land process and process-context isolation is limited to credential cross-checks, file-system chroot and explicit systrace/kauth applications. I'll demonstrate a working mechanism of isolated process trees in branched OpenBSD-4.4 and NetBSD-5.0-beta kernels where an isolated process is started by a system call similar to fork; following that, the child process and its descendants execute in a context isolated from the caller. This system is the continued work of "mult" -- first prototyped in a branched NetBSD-3.1 kernel and isolating all system resources -- pared down to a lightweight, auditable patch of process-only separation for both OpenBSD and NetBSD. I specifically address solutions to performance issues and mechanism design with an eye toward more resources being isolated in the future.