Capability-Based Security for Redox: Namespace and CWD as Capabilities | Hacker News Hacker News new | past | comments | ask | show | jobs | submit login Capability-Based Security for Redox: Namespace and CWD as Capabilities ( redox-os.org ) 5 points by ejplatzer 2 hours ago | hide | past | favorite | discuss help Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search:
Capability-based Security for Redox: Namespace and CWD as capabilities
Redox OS developers reimplemented namespace and current working directory (CWD) handling using capability-based security, moving management from kernel-held strings and IDs into userspace capabilities. Ibuki Omatsu describes how schemes (userspace resource providers like file or tcp) and relibc/redox-rt (the POSIX compatibility/runtime layer) previously relied on kernel-managed namespaces and string-based CWD resolution. The new design represents namespace registrations and CWDs as capabilities—file descriptor–style tokens—so access decisions start from explicit capabilities rather than global kernel string lookups. This reduces kernel responsibility for parsing scheme-rooted paths, narrows resource visibility, and aligns Redox with capability-security principles, improving isolation and least-privilege semantics for processes and userspace services.
Redox OS developer Ibuki Omatsu describes moving namespace and current-working-directory (CWD) management from kernel strings to capability-based primitives in userspace. Redox uses scheme-rooted paths (/scheme/{name}/...) and relibc/redox-rt to translate POSIX calls; previously the kernel stored namespaces and parsed paths to route requests to scheme services. The project reimplements namespace management and treats CWD as a capability (an open handle granting access) so processes access resources only via capabilities rather than global path strings. This reduces kernel responsibility, minimizes string parsing/authority checks in kernel space, and aligns Redox with capability security models that start resource access from explicit capabilities. The change matters for system security, least-privilege isolation, and microkernel design.
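The two summaries above describe the same idea from different angles: path resolution that starts from the process's own namespace and CWD capabilities instead of a kernel-held string table. The following is an added toy model in Rust, not Redox, relibc or redox-rt code; the `Namespace` and `Cwd` types, the numeric scheme ids and the `resolve` function are all assumptions made for illustration.

```rust
use std::collections::HashMap;

/// Toy namespace capability (not Redox code): the only scheme table this
/// process can consult. A scheme absent from it does not exist for the
/// process, so no global registry lookup can widen its view.
#[derive(Clone, Default)]
pub struct Namespace {
    schemes: HashMap<String, u32>, // scheme name -> scheme id (constructed ids)
}

impl Namespace {
    pub fn grant(&mut self, name: &str, id: u32) {
        self.schemes.insert(name.to_string(), id);
    }
}

/// Toy CWD capability: an open handle (scheme id + path inside that scheme)
/// rather than a string the kernel has to parse and authorise.
#[derive(Clone, Debug, PartialEq)]
pub struct Cwd { pub scheme: u32, pub path: String }

/// Resolve `target` to (scheme id, path within scheme) using only the
/// process's capabilities: `/scheme/{name}/...` consults the namespace
/// capability, anything else is relative to the CWD capability.
pub fn resolve(ns: &Namespace, cwd: &Cwd, target: &str) -> Result<(u32, String), String> {
    let (scheme, base, rest) = match target.strip_prefix("/scheme/") {
        Some(rest) => {
            let (name, sub) = rest.split_once('/').unwrap_or((rest, ""));
            let id = *ns.schemes.get(name)
                .ok_or_else(|| format!("scheme '{name}' not in this namespace"))?;
            (id, "", sub)
        }
        None if target.starts_with('/') => return Err("absolute paths outside /scheme/ are not modelled".into()),
        None => (cwd.scheme, cwd.path.as_str(), target),
    };
    // Normalise components. `..` pops within the scheme but can never leave
    // it, because the scheme comes from the capability, not from the string.
    let mut parts: Vec<&str> = Vec::new();
    for comp in base.split('/').chain(rest.split('/')) {
        match comp {
            "" | "." => {}
            ".." => { parts.pop(); }
            other => parts.push(other),
        }
    }
    Ok((scheme, parts.join("/")))
}

fn main() {
    let mut ns = Namespace::default();
    ns.grant("file", 1); // this process was handed only the file scheme
    let cwd = Cwd { scheme: 1, path: "home/user".into() };
    println!("{:?}", resolve(&ns, &cwd, "docs/../notes.txt"));
    println!("{:?}", resolve(&ns, &cwd, "/scheme/tcp/example")); // denied: tcp not granted
}
```

Running it shows a relative path resolving inside the CWD's scheme and a `/scheme/tcp/...` request failing before any scheme service is contacted, which is the least-privilege property the design is after.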