Plash -- Plash (the Principle of Least Authority Shell)

 

About Plash
English (USA)

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run.

In order to implement this, the filesystem is virtualized. Each process can have its own file namespace, which can contain a subset of your files.

This is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run as the user 'nobody' in a chroot jail.

No kernel modifications are required. Plash can run Linux binaries unmodified, provided they are dynamically linked with libc, which is almost always the case.

To see the collection of prior postings to the list, visit the Plash Archives.

Using Plash
To post a message to all the list members, send email to plash@nongnu.org.

You can subscribe to the list, or change your existing subscription, in the sections below.

Subscribing to Plash

Subscribe to Plash by filling out the following form. You will be sent email requesting confirmation, to prevent others from gratuitously subscribing you. This is a hidden list, which means that the list of members is available only to the list administrator.

    Your email address:  
    Your name (optional):  
    You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext.

    If you choose not to enter a password, one will be automatically generated for you, and it will be sent to you once you've confirmed your subscription. You can always request a mail-back of your password when you edit your personal options.
    Pick a password:  
    Reenter password to confirm:  
    Which language do you prefer to display your messages? English (USA)  
    Would you like to receive list mail batched in a daily digest? No Yes
Plash Subscribers
(The subscribers list is only available to the list administrator.)

Enter your admin address and password to visit the subscribers list:

Admin address: Password:   

To unsubscribe from Plash, get a password reminder, or change your subscription options enter your subscription email address:

If you leave the field blank, you will be prompted for your email address


Plash list run by mseaborn at onetel.com
Plash administrative interface (requires authorization)
Overview of all nongnu.org mailing lists

Delivered by Mailman
version 2.1.29
Python Powered GNU's Not Unix Trisquel GNU/Linux Powered