TrustedBSD Extensions Project (fwd)
Ilmar S. Habibulin
ilmar at ints.ru
Thu Apr 20 17:54:29 GMT 2000
On Thu, 20 Apr 2000, Robert Watson wrote:
> One piece of support infrastructure that you point to as being required is
> TSIX, which to my (shallow) understanding is API and supporting
> standardization for tagging IPC channels with MAC labels (etc), both
> locally and across a network -- left out of POSIX.1e as POSIX doesn't
> attempt to address the sockets case. Is this impression right, or am I
> thinking of something else? Has interoperability been successfully
> demonstrated across trusted operating system platforms using mechanisms
> such as this? I'm far more confident about my understanding of the
> problem space in the context of a single OS on a single box, and less so
> in the network and cross-OS issues.
I want to implement TSIX in FreeBSD. But only after local MAC
implemetation. Right now i'm labeling sockets with MAC_SYS_LOW label, so
no network communications are possible for higher labeled subjects. That's
why X will not be able to run for a higher labeled user. :(
PS. What about attribute names standartization?
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list