Analyzing Capsicum for Usability and Performance
In this paper the author investigates Capsicum, an ex-tension to UNIX that introduces a new security model on top of existing UNIX architecture. This model consists of several new security primitives and system calls that re-place existing UNIX functionality. The author focused on two aspects of Capsicum: performance and usability. For performance, the author compares the performance of Capsicum system calls to corresponding UNIX calls and analyzes these differences. the author also implement a small le-hosting server that makes use of Capsicum's sandboxing library, in order to determine the feasibility of writing new applications using Capsicum and modifying existing applications to use Capsicum.