This repository has been archived by the owner on Sep 16, 2021. It is now read-only.
sandboxing support #51
Labels
Comments
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Ability to function and integrate with sandbox technology (i.e FreeBSD Jails, FreeBSD Capsicum, etc...)
Essentially all the different components of the CMS should be able to function with each other in separate jails fir greater security. This would require that the CMS is designed in a modular way so that each piece can run independently with built in methods to communicate with the other pieces. For example the build system runs in one jail (or virtual machine), the database in another, the version control in another, the Symfony 2 framework in another, each domain/user in their own jail etc... but that they all function together.
This will require the cms to have a messaging system/protocol that works across jails without compromising security and running on minimal rights (non-admin) where possible.
The text was updated successfully, but these errors were encountered: