#format wiki
#language en
#pragma section-numbers off
#acl All:read
= Plash Wiki =

Plash is a system for sandboxing GNU/Linux programs. Plash's aim is to protect you from the programs you run by letting you run them with the minimum authority and privileges they need to do their job -- this is the Principle of Least Authority (POLA).

Plash can run programs in a secure, restricted execution environment with access to a limited subset of your files.

Plash is geared towards granting authority dynamically. Sandboxes are lightweight and can be created for each instance of a program. A sandboxed program can be given additional rights at runtime via the FilePowerbox GUI.

 * HowPlashWorks: Plash is a paravirtualization system
 * ComparisonWithOtherSystems
 * RelatedSystems: systems based on similar ideas
 * PlashLimitations
 * ["PlashFAQs"]: frequently asked questions

Plash provides two programmatic interfaces for creating sandboxes and granting them authority:

 * [wiki:PolaRun pola-run]: a command line tool for launching programs
 * PythonBindings: a Python interface to Plash's object system

Also:

 * ["pola-shell"] is a shell for launching programs in sandboxes

News:

 * 2008/05/05: [wiki:PlashRelease1.19 Version 1.19 "Anxious Albert" released]
 * 2007/06/05: [wiki:PlashRelease1.18 Version 1.18 released]

== Contents ==

 * Get Plash:
  * DownloadPackages: .deb packages for installing via APT
  * AutoBuildPackages: packages for latest development version
  * ["SVNRepository"]: development sources
  * BuildingFromSource: how to build Plash from source
 * Main components:
  * PlashGlibc: glibc, modified to use RPC calls
  * ChrootSetuidJail: takes away authority from a process
  * FsObj interface: file and directory objects
   * implementations include FsObjReal, FsObjReadOnly, FsObjCopyOnWrite
  * FsOp: POSIX-style pathname-based access to a file namespace
   * DirStacks, ["DirectoryFDs"]
  * PlashObjectCapabilityProtocol: protocol for invoking objects and passing object references
   * ProtocolEnvVars: how processes get their initial object references
   * SimpleMessageProtocol
  * ExecutableObjects: treating execve() as an object-capability invocation
  * PlashInternals: ObjectSystem, RegionMemoryManagement, StringHandling
 * TestingPlash: automated test suites
 * PlashReleases: list of released versions
 * RoadMap: plans for the future
 * PlashIssues: bug tracker
 * PlashDevelopment: notes related to development
 * ["Copyright"]: Plash is free software, licensed under the GNU LGPL

 * [http://lists.nongnu.org/mailman/listinfo/plash Plash mailing list]
 * [http://news.gmane.org/gmane.comp.security.plash Mailing list archives] on gmane.org
 * [http://www.eros-os.org/pipermail/cap-talk/ cap-talk mailing list] - for discussion of general issues regarding capability security

Interesting starting points:

 * RecentChanges: see where people are currently working
 * WikiSandBox: feel free to change this page and experiment with editing
 * FindPage: search or browse the database in various ways
 * SyntaxReference: quick access to wiki syntax
 * SiteNavigation: get an overview of this site and what it contains