- Plash
infobox software
name = Plash
latest_release_version = 1.19 "Anxious Albert"
latest_release_date = release date|2008|05|05
programming language = C, Python
operating_system =Linux
license =GNU Lesser General Public License
website = http://plash.beasts.org/From the Plash homepage [http://plash.beasts.org/] :
Plash is a system for sandboxing GNU/Linux programs. Plash's aim is to protect you from the programs you run by letting you run them with the minimum authority and privileges they need do do their job -- this is the Principle of Least Authority (POLA). Plash can run programs in a secure, restricted execution environment with access to a limited subset of your files.
Plash is geared towards granting authority dynamically. Sandboxes are lightweight and can be created for each instance of a program. A sandboxed program can be given additional rights at runtime via the FilePowerbox GUI.
Plash has been cited as an implementation of a powerbox on the GNU Hurd wiki [http://www.bddebian.com/~wiki/hurd/ng/powerbox/index.html] and by the google-caja project [http://google-caja.googlecode.com/files/caja-spec-2008-01-15.pdf] .
See also
*
CapDesk
*Bitfrost
*HP Polaris (computer security)
*Principle of least privilege
*Sandbox (computer security)
*Object-capability model
Wikimedia Foundation. 2010.