
RFS: Plash: a shell and restricted environment for running programs with minimum authority

I'm looking for a sponsor for putting Plash into Debian.

The main page is:  http://plash.beasts.org
and Debian packages are at:
http://www.cs.jhu.edu/~seaborn/plash/plash_1.11_i386.deb
http://savannah.nongnu.org/download/plash/plash_1.11.dsc
http://savannah.nongnu.org/download/plash/plash_1.11.tar.gz
(The Debian source package contains a copy of glibc 2.3.3, which is
13Mb, but the source for Plash itself is only 200k.)

Plash is a restricted execution environment for running Linux programs
with the minimum privileges necessary.  You can grant a process read-only
or read-write access to specific files and directories, which can be
mapped at any point in the filesystem namespace.  Plash provides a
shell with a syntax similar to the Bourne shell or Bash.

The execution environment doesn't require a modified Linux kernel --
it uses chroot() and UIDs.  It works with existing Linux executables,
provided they are dynamically linked, because Plash uses a modified
version of GNU libc.  In most cases this does not affect performance
because the most frequently called system calls, such as read() and
write(), are not affected.

New in this version is a tool for running XEmacs and dynamically
granting it access to files.  This means you don't have to give XEmacs
access to all of your files.  The tool is used like gnuclient: a
single command grants XEmacs access to a file, and gets it to open a
window to edit the file.

For example, this lets you use XEmacs to edit files owned by root,
without running XEmacs as root.

In the future, this will be extended to work with other GUI programs.

The Plash shell has a syntax similar to Bash, but with some changes,
such as for granting write access to files (by default it's
read-only).  For example, if you run the "oggenc" encoder program with
the command:

  oggenc foo.wav => -o foo.ogg

then the oggenc process will have access only to the files foo.wav
(read-only), foo.ogg (read/write/create), and those files in its
installation endowment.  By default, the installation endowment
consists of /usr, /bin, /lib and /etc -- all as read-only -- but you
can change this on a per-program basis.  Programs aren't given access
to other files, such as those in your home directory, unless
explicitly granted them.

Mark
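As an added illustration (not Plash's own code, and a deliberate simplification of its real shell syntax), the following Python model computes the authority set that a command like `oggenc foo.wav => -o foo.ogg` produces and answers access queries against it. The handling of `=>`, the pass-through of `-` options, the current-directory assumption and the default endowment are all assumptions taken from the description in the message above.

```python
# Simplified model (added here, not Plash's own code) of how a Plash-style
# command line maps to a set of file grants.  Assumptions: arguments before
# "=>" are granted read-only, arguments after it read/write/create, words
# starting with "-" are plain options passed to the program, and the default
# installation endowment is /usr, /bin, /lib and /etc, all read-only.
import os
from dataclasses import dataclass, field

DEFAULT_ENDOWMENT = ("/usr", "/bin", "/lib", "/etc")


@dataclass
class Grants:
    read_only: set = field(default_factory=set)
    read_write: set = field(default_factory=set)


def parse_command(line, endowment=DEFAULT_ENDOWMENT, cwd="/home/user"):
    """Return (program, argv, grants) for a Plash-style command line.

    cwd is a constructed sample directory used to resolve relative names.
    """
    words = line.split()
    if not words:
        raise ValueError("empty command")
    prog, args = words[0], words[1:]
    grants = Grants(read_only=set(endowment))
    writable = False           # flips to True once "=>" has been seen
    argv = [prog]
    for word in args:
        if word == "=>":
            writable = True
            continue
        argv.append(word)      # the program still sees the argument as typed
        if word.startswith("-"):
            continue           # an option, not a file to grant
        path = os.path.normpath(os.path.join(cwd, word))
        (grants.read_write if writable else grants.read_only).add(path)
    return prog, argv, grants


def _covered(path, roots):
    """True if path equals one of roots or lies beneath one of them."""
    path = os.path.normpath(path)
    return any(path == r or path.startswith(r.rstrip("/") + "/") for r in roots)


def access(grants, path):
    """'rw', 'ro' or 'none': what the sandboxed process may do with path."""
    if _covered(path, grants.read_write):
        return "rw"
    if _covered(path, grants.read_only):
        return "ro"
    return "none"
```

The point the model makes visible is that everything outside the explicit grants and the endowment, such as a key file in the home directory, is simply absent from the process's view rather than denied by a permission check.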