TrustedBSD Extensions Project (fwd)
James Buster
bitbug at sgi.com
Thu Apr 20 22:06:47 GMT 2000
Robert Watson wrote:
> One piece of support infrastructure that you point to as being required is
> TSIX, which to my (shallow) understanding is API and supporting
> standardization for tagging IPC channels with MAC labels (etc), both
> locally and across a network
Essentially correct, though it's not just MAC: capabilities, audit id, uid, gid,
and supplementary groups are also supported. SAMP (Security Attribute Mapping
Protocol) and SATMP (Security Attribute Token Mapping Protocol) are used to transmit
attributes over the wire in the socket case. Purely local IPC mechanisms, like
System V message queues, don't need that.
---
Bye,
James
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list