Statements (30)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:security
|
| gptkbp:author |
gptkb:Jonathan_Anderson
gptkb:Kris_Kennaway gptkb:Robert_N._M._Watson gptkb:Ben_Laurie |
| gptkbp:component |
cap_enter() system call
cap_fcntls_limit() cap_ioctls_limit() cap_rights_limit() cap_rights_t data structure |
| gptkbp:designedFor |
capability-based security
|
| gptkbp:developedBy |
gptkb:University_of_Cambridge
|
| gptkbp:documentedIn |
gptkb:USENIX_Security_Symposium_2010_paper
|
| gptkbp:feature |
least privilege principle
fine-grained sandboxing capability mode process compartmentalization rights-based file descriptors |
| https://www.w3.org/2000/01/rdf-schema#label |
Capsicum security model
|
| gptkbp:influenced |
gptkb:FreeBSD_security_architecture
|
| gptkbp:influencedBy |
capability-based security
|
| gptkbp:introducedIn |
2010
|
| gptkbp:openSource |
true
|
| gptkbp:relatedTo |
sandboxing
operating system security capability systems |
| gptkbp:usedIn |
gptkb:FreeBSD
gptkb:OpenBSD |
| gptkbp:bfsParent |
gptkb:Robert_N._M._Watson
|
| gptkbp:bfsLayer |
6
|