FreeBSD and MAC

Robert Watson rwatson at FreeBSD.org
Wed Mar 18 15:06:40 PDT 2009 

On Wed, 18 Mar 2009, Gabriele Modena wrote:

> 2009/3/17 Robert Watson <rwatson at freebsd.org>:
>
>> Right now no one is maintaining the SEBSD module; this is unfortunate, but 
>> largely a property of people having enough time.  If this is something you 
>> can contribute to (or anyone else who's interested) I'm happy to provide 
>> pointers and advice.
>
> Could this be a valid Google Summer of Code project?
>
> I am about to write a proposal for this summer; my idea was related to 
> semantic file systems (in a way to combine my interest in kernel hacking to 
> my current research interest in information retrieval) and I am still 
> reading background literature about that.
>
> If there is interest from the community, SEBSD/TrustedBSD would be another 
> area I would like to work on. In the past I worked a bit (at a hobbyst 
> level) with SELinux and I have a background in security and (linux) kernel 
> hacking.
>
> In both cases I am interested in working on FreeBSD during the summer with 
> or without a Google's grant.

Yes, I think this would be a good GSoC project, although it is quite large so 
I think you'd need to break it up into parts and plan not to complete all of 
them in one summer.  I think the first step would be to slide the current 
SEBSD port forward to a newer FreeBSD version, then work towards updating the 
SEBSD parts from new Linux parts.  It would also be worth chatting with NSA 
(et al) about whether non-GPL'd kernel parts are available.  I know there's 
some on-going OpenSolaris porting work, and CDDL and GPL mix like water and 
oil, as I understand it, so there may be.  I would be happy to lend technical 
advice to a project to do the above updates, and I suspect more hands would 
turn up once someone was clearly driving things forwards, GSoC project or not.

The advice I'm giving all students, btw, is that if you're submitting a 
proposal based on one of our project ideas on the web page, consider 
submitting multiple proposals, as in previous years we've found ourselves 
having to pick just one of several promising students because they all picked 
the same idea and there was really room for only one instance of the project. 
Since you're talking about proposing ideas not on the list, that caution 
probably doesn't apply in the same way, but submitting multiple proposals 
(given enough time invested in each) likely will improve the chances that we 
can select you.

Thanks,

Robert N M Watson
Computer Laboratory
University of Cambridge

More information about the freebsd-security mailing list