ambient-authority

1 article
sort: new top best
clear filter
bug-bounty529 xss292 rce171 google148 account-takeover120 exploit119 facebook118 bragging-post118 privilege-escalation104 malware104 microsoft100 open-source94 authentication-bypass90 csrf89 cve82 access-control75 stored-xss75 ai-agents65 web-security64 phishing63 reflected-xss63 writeup56 input-validation52 reverse-engineering51 ssrf51 cross-site-scripting50 sql-injection50 smart-contract49 information-disclosure49 defi48 tool47 apple46 api-security46 ethereum45 privacy44 vulnerability-disclosure44 browser39 opinion39 llm38 web-application38 ai-security37 web337 burp-suite37 automation36 remote-code-execution36 race-condition36 supply-chain35 responsible-disclosure35 dos34 lfi34
0 7/10
FreeBSD Capsicum vs. Linux Seccomp Process Sandboxing
research

Comprehensive technical comparison of FreeBSD's Capsicum and Linux's seccomp-bpf sandboxing models, analyzing their opposite architectural philosophies (capability subtraction vs. syscall filtration) and demonstrating why Capsicum's structural approach is immune to bypass vulnerabilities like CVE-2022-30594 that affect filter-based systems.

sandboxing capsicum seccomp freebsd linux process-isolation capability-based-security syscall-filtering privilege-restriction ambient-authority tcpdump architectural-comparison cve-2022-30594
FreeBSD Linux Capsicum seccomp seccomp-bpf Robert Watson Jonathan Anderson Andrea Arcangeli Will Drewry CVE-2022-30594 USENIX Security tcpdump BPF PTRACE_SEIZE
vivianvoss.net · vermaden · 5 days ago · details · hn