Evan Sarmiento

| Me 


Hello, I'm Evan Sarmiento, somehow you've managed to stumble upon this site. I'm a computer geek, mostly interested in kernel hacking and trusted operating systems. One of my recent projects involves providing security extensions for the FreeBSD operating systems. So, I suppose, above all, my favorite aspect of the computer world is information security.


Linux Predictable Scheduling

As you can see I'm working on a number of projects all at the same time. Right now, this is the one which I am paying the most attention to. I am working with a CS professor from BU to create predictable scheduling in the Linux 2.4.16 kernel by first porting DWCS to the 2.4.x series and then tweaking it a bit.

Progress posted here. We are using the MontaVista preempt patch as a base.


I am working on a number of projects. First and foremost is PRFW, kernel hooks for the FreeBSD operating systems. What is a hook? Is it related to captain hook? No. A hook is a small snippet of code within a function that refrences another portion of code. For example, in emacs, you're allowed to insert your own code into major and minor modes using (add-hook). Basically, this patch allows the user to insert his own code into various kernel functions and system calls.

One of the major incentives for using hooks is that it provides developers who want to create security extensions an easy programming interface to use.


Openroot was my first project. It's a computer in which all users gain root access. How is this possible? Through jail. As you can see, through my experiences I've gotten to know a lot about jail() and have written on it.


I'm currently in high school at Boston University Academy, a private school on Boston University's campus. I am taking Computer Science at the University in addition to my normal coursework.


I have published a couple of articles. The first being, "Securing FreeBSD using Jail", which is an article about how I protected and secured the Openroot computer. That article was published in the May 2001 edition of SysAdmin magazine. The second article, a bit more technical, was published in the September 2001 issue of Daemon News, entitled "Jail Internals". Just recently, an article of mine entitled "Systems Administration with SCSH", has been published in SysAdmin Magazine. It is a featured article, so it resides both online and in the printed magazine. Read it here.

  • Securing FreeBSD using Jail
  • Systems Administration with SCSH
  • Inside Jail

    In Progress:

  • Extensibility in the FreeBSD kernel

    USENIX 2001 Security Symposium:

  • IPFilter Summary
  • Resume
  • Resume: If you wish to view my resume, please contact me at evms@csa.bu.edu (school) or ems@open-root.org. (home)
  • Projects
  • PRFW
    PRFW is hooks for the FreeBSD kernel. Paper above is about this.
  • Open Root
  • KLD
  • kaJ: stands for kill all jails. Comes with module and userland program. Remember to make and kldload. 5.0-only, remove PROC_LOCK AND UNLOCK for -stable compatablity. This module kills all jailed processes.

  • kjs: stands for kill jail. This works on -stable only (4.2-4.4). Kills a jail based on its IP address

  • unJail: this module provides a system all to unjail the currently running process. Also comes with userland program.
  • MISC
  • SR33: Tips for getting FreeBSD to work on a Sony Vaio SR33
  • My LiveJournal, soon to be moved to this server.
  • Woohoo!
  • NovaRoma: I applied for citizenship.
  • Nine Inch Nails Live - And All That Could Have Been (DVD) Really good live concert
  • (c) Evan S 2001