Truly independent web browser
Find a file
Liav A d4b65f644e Kernel: Allow opening some device nodes sparingly for jailed processes
From now on, we don't allow jailed processes to open all device nodes in
/dev, but only allow jailed processes to open /dev/full, /dev/zero,
/dev/null, and various TTY and PTY devices (and not including virtual
consoles) so we basically restrict applications to what they can do when
they are in jail.
The motivation for this type of restriction is to ensure that even if a
remote code execution occurred, the damage that can be done is very
small.
We also don't restrict reading and writing on device nodes that were
already opened, because that limit seems not useful, especially in the
case where we do want to provide an OpenFileDescription to such device
but nothing further than that.
2022-12-09 23:09:00 -07:00
.devcontainer
.github
AK
Base
Documentation
Kernel
Meta
Ports
Tests
Toolchain
Userland
.clang-format
.clang-tidy
.editorconfig
.gitattributes
.gitignore
.mailmap
.pre-commit-config.yaml
.prettierignore
.prettierrc
.ycm_extra_conf.py
azure-pipelines.yml
CMakeLists.txt
CONTRIBUTING.md
LICENSE
README.md
SECURITY.md

SerenityOS

Graphical Unix-like operating system for x86 computers.

GitHub Actions Status Azure DevOps Status Fuzzing Status Sonar Cube Static Analysis Discord

About

SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.

Roughly speaking, the goal is a marriage between the aesthetic of late-1990s productivity software and the power-user accessibility of late-2000s *nix. This is a system by us, for us, based on the things we like.

You can watch videos of the system being developed on YouTube:

FAQ: Frequently Asked Questions

Screenshot

Screenshot as of b36968c.png

Features

  • Modern x86 32-bit and 64-bit kernel with pre-emptive multi-threading
  • Browser with JavaScript, WebAssembly, and more (check the spec compliance for JS, CSS, and WASM)
  • Security features (hardware protections, limited userland capabilities, W^X memory, pledge & unveil, (K)ASLR, OOM-resistance, web-content isolation, state-of-the-art TLS algorithms, ...)
  • System services (WindowServer, LoginServer, AudioServer, WebServer, RequestServer, CrashServer, ...) and modern IPC
  • Good POSIX compatibility (LibC, Shell, syscalls, signals, pseudoterminals, filesystem notifications, standard Unix utilities, ...)
  • POSIX-like virtual file systems (/proc, /dev, /sys, /tmp, ...) and ext2 file system
  • Network stack and applications with support for IPv4, TCP, UDP; DNS, HTTP, Gemini, IMAP, NTP
  • Profiling, debugging and other development tools (Kernel-supported profiling, detailed program analysis with software emulation in UserspaceEmulator, CrashReporter, interactive GUI playground, HexEditor, HackStudio IDE for C++ and more)
  • Libraries for everything from cryptography to OpenGL, audio, JavaScript, GUI, playing chess, ...
  • Support for many common and uncommon file formats (PNG, JPEG, GIF, MP3, WAV, FLAC, ZIP, TAR, PDF, QOI, Gemini, ...)
  • Unified style and design philosophy, flexible theming system, custom (bitmap and vector) fonts
  • Games (Solitaire, Minesweeper, 2048, chess, Conway's Game of Life, ...) and demos (CatDog, Starfield, Eyes, mandelbrot set, WidgetGallery, ...)
  • Every-day GUI programs and utilities (Spreadsheet with JavaScript, TextEditor, Terminal, PixelPaint, various multimedia viewers and players, Mail, Assistant, Calculator, ...)

... and all of the above are right in this repository, no extra dependencies, built from-scratch by us :^)

Additionally, there are over two hundred ports of popular open-source software, including games, compilers, Unix tools, multimedia apps and more.

How do I read the documentation?

Man pages are available online at man.serenityos.org. These pages are generated from the Markdown source files in Base/usr/share/man and updated automatically.

When running SerenityOS you can use man for the terminal interface, or help for the GUI.

Code-related documentation can be found in the documentation folder.

How do I build and run this?

See the SerenityOS build instructions. Serenity runs on Linux, macOS (aarch64 might be a challenge), Windows (with WSL2) and many other *Nixes with hardware or software virtualization.

Get in touch and participate!

Join our Discord server: SerenityOS Discord

Before opening an issue, please see the issue policy.

A general guide for contributing can be found in CONTRIBUTING.md.

Authors

And many more! See here for a full contributor list. The people listed above have landed more than 100 commits in the project. :^)

License

SerenityOS is licensed under a 2-clause BSD license.