
Compartmentalized computing with CLIP OS


The design of CLIP OS 5 includes three elements: a bootloader, a core system, and the cages. The system uses secure boot with signed binaries. Only the x86 architecture was supported in the previous versions, and no other architectures are planned for now. The core system is based on Hardened Gentoo. Finally, the cages provide user sessions, with applications and documents.

Processes running in separate cages cannot communicate directly. Instead, they must pass messages using special services on the core system; these services are unprivileged and confined on the cage system, but privileged on the core. These communication paths are shown in an architecture diagram in the documentation. Cages are also isolated from the core system itself — all interactions (system calls, for example) are checked and go through mediation services. Isolation between applications will use containers, and the team plans to use the Flatpak format. The details of the CLIP OS 5 implementation are not available yet, as this feature is planned for the stable release.

A specific Linux security module (LSM) inspired by Linux-VServer will be used to add isolation between the cages, and between the cages and the core system. Linux-VServer is a virtual private server implementation designed for web hosting. It partitions a computer system's CPU time, memory, filesystem, and network addressing into security contexts. Starting and stopping a new virtual server corresponds to setting up and tearing down a security context.
