Ben Laurie blathering

28 Nov 2005

Capabilities in Other Languages

Filed under: Capabilities,Open Source,Security — Ben @ 10:39

Ted Leung suggests that I should try adding capabilities to Ruby. H1kari suggested Javascript. I believe both of these are possible. I even think I could do it for C!

But should I? Does anyone care?

27 Nov 2005

Capabilities in Perl

Filed under: Capabilities,Open Source,Security — Ben @ 13:47

A long time ago, I tried to extend Python to support capabilities. It didn’t work out well – it turns out that the Python interpreter isn’t well suited – by the time Python has been compiled it has lost too much information to enforce the confinement required by capabilities. Also, it seems the Python developers aren’t really interested in capabilities (nor all that interested in security, it seems, since the restricted execution mode is not maintained).

Anyway, much later I realised that modifying the interpreter wasn’t the way to go – what’s much better is to compile a modified version of the language into the standard language – that way proves to be much easier.

So, I did this for Perl, on the basis that if you can secure Perl you can surely secure anything. I’ve given a couple of talks about it, but so far haven’t released any code. I finally got off my arse and did the first release. Very poorly documented, I’m afraid, but there is at least a mailing list!

You can find CaPerl here.

« Previous Page

Powered by WordPress