Nyxos AI

2.7. Security

Security Mechanisms on NyxOS

NyxOS employs several security mechanisms to ensure the integrity and isolation of processes, chiefly namespaces and a capability-based system. The core of these mechanisms is enforced by the kernel, though some of them can also be implemented by user-space components.

Namespaces

In NyxOS, a namespace is a list of schemes. For example, running ls : lists the schemes available in the current namespace. Each process operates within its own namespace, which isolates it and controls which schemes, and therefore which resources, it is able to reach.

Capabilities

Capabilities in NyxOS are specialized file descriptors that grant specific actions or permissions. Because a process can only act through the descriptors it holds, handing out or withholding these descriptors controls and limits what the process can do, preventing unauthorized actions.

Sandbox

NyxOS supports sandboxing through the following methods:

  • Namespace Restrictions: By limiting which schemes are present in a process's namespace, or by giving it no schemes at all, you restrict what the program can reach. A process with an empty namespace cannot open any new resource, since every open names a scheme; it is confined to the file descriptors it already holds (including any capabilities it was given), which limits its interactions and its potential for harm.

  • File Descriptor-Based Functionality: Still under development, this aims to route every operation a program can perform through a file descriptor. Once everything is a descriptor, a process's abilities are exactly the descriptors it holds, so sandboxing becomes a matter of controlling which descriptors a process receives.
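The following is an added Rust model of the namespace and capability ideas described in the Namespaces and Sandbox sections above. It is illustrative code written for this page, not NyxOS kernel code, and every name in it (Namespace, Process, Fd, Handle, Rights, open, receive_fd, sandbox_demo) is an assumption made for the example. It shows the two properties a practitioner cares about: a process whose namespace lacks a scheme cannot open anything on that scheme, and an empty namespace still leaves the process able to use descriptors it was handed, with the rights baked into each descriptor deciding what it may do with them.

```rust
// Added illustration, not NyxOS code. Models "a namespace is a list of
// schemes" and "capabilities are file descriptors" to show how restricting
// a namespace sandboxes a process. All names here are assumptions.
use std::collections::{BTreeSet, HashMap};

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Fd(pub u32);

/// What a descriptor is allowed to do; fixed when the descriptor is created.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Rights {
    pub read: bool,
    pub write: bool,
}

/// The resource behind a descriptor: the scheme that served it, the path,
/// and the rights it carries.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Handle {
    pub scheme: String,
    pub path: String,
    pub rights: Rights,
}

/// A namespace is just the set of scheme names a process may open.
#[derive(Debug, Clone, Default, PartialEq, Eq)]
pub struct Namespace(pub BTreeSet<String>);

impl Namespace {
    pub fn new(schemes: &[&str]) -> Self {
        Namespace(schemes.iter().map(|s| s.to_string()).collect())
    }
    /// Derive a narrower namespace: this can only drop schemes, never add them.
    pub fn restrict(&self, keep: &[&str]) -> Namespace {
        Namespace(self.0.iter().filter(|s| keep.contains(&s.as_str())).cloned().collect())
    }
}

#[derive(Debug, PartialEq, Eq)]
pub enum OpenError {
    MalformedUrl,
    SchemeNotInNamespace(String),
}

pub struct Process {
    pub namespace: Namespace,
    fds: HashMap<u32, Handle>,
    next_fd: u32,
}

impl Process {
    pub fn new(namespace: Namespace) -> Self {
        Process { namespace, fds: HashMap::new(), next_fd: 3 }
    }

    /// Split "scheme:path" into its two parts; a missing or empty scheme is an error.
    fn parse(url: &str) -> Option<(&str, &str)> {
        let (scheme, path) = url.split_once(':')?;
        if scheme.is_empty() { return None; }
        Some((scheme, path))
    }

    /// open() succeeds only when the URL's scheme is in this process's namespace.
    pub fn open(&mut self, url: &str, rights: Rights) -> Result<Fd, OpenError> {
        let (scheme, path) = Self::parse(url).ok_or(OpenError::MalformedUrl)?;
        if !self.namespace.0.contains(scheme) {
            return Err(OpenError::SchemeNotInNamespace(scheme.to_string()));
        }
        let fd = self.next_fd;
        self.next_fd += 1;
        self.fds.insert(fd, Handle { scheme: scheme.into(), path: path.into(), rights });
        Ok(Fd(fd))
    }

    /// Capability transfer: a descriptor handed over by another process stays
    /// usable even when its scheme is absent from the receiver's namespace.
    pub fn receive_fd(&mut self, handle: Handle) -> Fd {
        let fd = self.next_fd;
        self.next_fd += 1;
        self.fds.insert(fd, handle);
        Fd(fd)
    }

    pub fn take_handle(&mut self, fd: Fd) -> Option<Handle> { self.fds.remove(&fd.0) }
    pub fn can_read(&self, fd: Fd) -> bool { self.fds.get(&fd.0).map_or(false, |h| h.rights.read) }
    pub fn can_write(&self, fd: Fd) -> bool { self.fds.get(&fd.0).map_or(false, |h| h.rights.write) }
}

/// Sandbox scenario (constructed): a parent with broad access opens a log file
/// read-only, then gives a child an empty namespace plus only that descriptor.
/// Returns (child's tcp open, child's file open, can_read, can_write).
pub fn sandbox_demo() -> (Result<Fd, OpenError>, Result<Fd, OpenError>, bool, bool) {
    let mut parent = Process::new(Namespace::new(&["file", "tcp", "display"]));
    let log = parent.open("file:/var/log/app.log", Rights { read: true, write: false }).unwrap();
    let handle = parent.take_handle(log).unwrap();

    let mut child = Process::new(parent.namespace.restrict(&[]));
    let inherited = child.receive_fd(handle);
    let net = child.open("tcp:203.0.113.5:443", Rights { read: true, write: true });
    let file = child.open("file:/etc/passwd", Rights { read: true, write: false });
    (net, file, child.can_read(inherited), child.can_write(inherited))
}

fn main() {
    println!("{:?}", sandbox_demo());
}
```

The point of `restrict` only ever narrowing is that a child cannot widen its own namespace; whatever it can do beyond its inherited descriptors has to be granted to it by a parent that already had the scheme. The rights stored in `Handle` stand in for the per-descriptor permissions the Capabilities section describes: the child can read the log it was given, but the descriptor itself refuses writes, so no namespace change could turn that read handle into write access.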


Last updated 4 months ago