| Plash: tools for practical least privilegeDownloading and installing Plash |
There are three ways in which you might install Plash, depending on how much you want to build from scratch.
Debian and RPM packages are available, for i386:
Download these files:
Unpack the Plash source and unpack the glibc object files inside Plash's build directory:
tar -xvzf plash-1.16.tar.gz cd plash-1.16 tar -xvzf ../glibc-i386-objs-2.3.5_2.tar.gz
Configure and build Plash:
./configure ./make.sh
Then do the following as root to install Plash:
./install.sh /
Download these files:
Unpack Plash, and copy or link the glibc source tar.bz2/tar.gz files inside Plash's build directory.
Build glibc with the following command. This will unpack glibc, apply patches, configure and build it. This uses the Debian package build script, but this part is not Debian-specific. It takes about 100 Mb of disc space, and takes 13 minutes on my Athlon XP 3200 machine.
./debian/rules stamp-dir/build-glibc
Now configure and build Plash:
./configure GLIBC_DIR=glibc-objs ./make.sh
As before, you can do the following, as root, to install Plash:
./install.sh /
Bleeding-edge versions of Plash are available from the Subversion (SVN) repository, which is hosted by gna.org.
Checkout over SVN protocol (TCP 3690):
svn co svn://svn.gna.org/svn/plash/trunk plash
Checkout over http:
svn co http://svn.gna.org/svn/plash/trunk plash
| Version | Files | Description of main changes |
|---|---|---|
| Version 1.16 (15th March 2006) |
|
Rewrite Powerbox for Gtk: now inherits from GtkDialog and so works with more applications. Overhauled documentation and build/install process. |
| Version 1.15 (12th December 2005) |
|
Added Powerbox for Gtk. Fixes to allow Konqueror and Gnumeric to run. |
| Version 1.14 (9th November 2005) |
|
Added powerboxes. |
| Version 1.13 (6th October 2005) |
|
Much-improved build system. |
| Version 1.12 (19th September 2005) |
|
Initial version of pola-run. Fixed gc-uid-locks race conditions. Include libm.so etc. in packages. |
| Version 1.11 (13th August 2005) |
|
Major new feature: Add plash-run-emacs tool. Made changes so that it's safer to run the shell as root. Documentation has been improved, and converted to DocBook format. |
| Version 1.10 (20th July 2005) |
|
Implemented fchdir(). "rm -r", "install -d" and "mkdir -p" now work. |
| Version 1.9 (10th July 2005) |
|
Changed implementation of file namespace construction. Now possible to add/replace entries in existing directories (without modifying the directory). |
| Version 1.8 (22nd May 2005) |
|
Overhauled build system for modified glibc. Add option for granting access to the X11 Window System (off by default). New mechanism for setting shell options. Added limited support for directory file descriptors, so that XEmacs works. |
| Version 1.7 (1st May 2005) |
|
Major new feature: executable objects. |
| Version 1.6 (18th January 2005) |
|
New argument syntax: "PATHNAME = EXPR", allowing objects to be attached anywhere in the file namespace. |
| Version 1.5 (7th January 2005) |
|
Add recursive read-only directories. Add example "chroot" program: first tool to use object-capability protocol. |
| Version 1.4 (4th January 2005) |
|
Implemented object-capability protocol. This is used as an additional layer in the communication between client and server. |
| Version 1.3 (29th December 2004) |
|
Better security: runs processes under dynamically-allocated user IDs rather than the user "nobody". Add globbing and file descriptor redirection to the shell. Implemented bind(), symlink(), utime(), rename() and link(). |
| Version 1.2 (18th December 2004) |
|
Fixed open64() and libpthread.so. Implemented pipes in the shell. Added "!!" syntax to shell. Added support for "#!" scripts. Added options window for enabling logging. |
| Version 1.1 (10th December 2004) |
|
Added job control to shell. |
| Version 1.0 (7th December 2004) |
|
First version. |