• FrontPage

Plash Wiki

Plash is a system for sandboxing GNU/Linux programs. Plash's aim is to protect you from the programs you run by letting you run them with the minimum authority and privileges they need do do their job -- this is the Principle of Least Authority (POLA). Plash can run programs in a secure, restricted execution environment with access to a limited subset of your files.

Plash is geared towards granting authority dynamically. Sandboxes are lightweight and can be created for each instance of a program. A sandboxed program can be given additional rights at runtime via the FilePowerbox GUI.

• HowPlashWorks: Plash is a paravirtualization system

• ComparisonWithOtherSystems

• RelatedSystems: systems based on similar ideas

• PlashLimitations

• PlashFAQs: frequently asked questions

Plash provides two programmatic interfaces for creating sandboxes and granting them authority:

• pola-run: a command line tool for launching programs

• PythonBindings: a Python interface to Plash's object system

Also:

• pola-shell is a shell for launching programs in sandboxes

News:

• 2008/05/05: Version 1.19 "Anxious Albert" released

• 2007/06/05: Version 1.18 released

Contents

• Get Plash:

  • DownloadPackages: .deb packages for installing via APT

  • AutoBuildPackages: packages for latest development version

  • SVNRepository: development sources

  • BuildingFromSource: how to build Plash from source

• Main components:

  • PlashGlibc: glibc, modified to use RPC calls

  • ChrootSetuidJail: takes away authority from a process

  • FsObj interface: file and directory objects

    • implementations include FsObjReal, FsObjReadOnly, FsObjCopyOnWrite

  • FsOp: POSIX-style pathname-based access to a file namespace

    • DirStacks, DirectoryFDs

  • PlashObjectCapabilityProtocol: protocol for invoking objects and passing object references

    • ProtocolEnvVars: how processes get their initial object references

    • SimpleMessageProtocol

  • ExecutableObjects: treating execve() as an object-capability invocation

  • PlashInternals: ObjectSystem, RegionMemoryManagement, StringHandling

  • TestingPlash: automated test suites

• PlashReleases: list of released versions

• RoadMap: plans for the future

• PlashIssues: bug tracker

• PlashDevelopment: notes related to development

• Copyright: Plash is free software, licensed under the GNU LGPL

• Plash mailing list

  • Mailing list archives on gmane.org

• cap-talk mailing list - for discussion of general issues regarding capability security

Interesting starting points:

• RecentChanges: see where people are currently working

• WikiSandBox: feel free to change this page and experiment with editing

• FindPage: search or browse the database in various ways

• SyntaxReference: quick access to wiki syntax

• SiteNavigation: get an overview over this site and what it contains