HEADS UP: PERFORCE change 8204 for review (fwd)

[Robert Watson]

On Thu, 28 Mar 2002, Ilmar S. Habibulin wrote:

> On Wed, 27 Mar 2002, Robert Watson wrote:
> 
> > Just FYI, the primary function of the current import is to compile, and
> > load policy.  While label space has been reserved in the static labels for
> > subjects and various objects, we're still early in the process of
> > processing those labels on the FLASK side.  We're also in the process of
> > moving to entirely dynamic MAC labeling (Brian has made a number of
> > commits over the last week or so to move us in that direction, including
> > allowing modules to request state, and allowing the MAC framework to
> > process objects at initialization and destruction so that state can be
> > easily managed and released).  We'll continue to move in this direction --
> > one immediate benefit will be that we'll no longer be constrained by mbuf
> > size as we'll allow outside memory storage in a more useful way,
> > permitting larger MAC labels if desired.
> 
> Well, then should i try to bring up compartments and network support
> into TrustedBSD MAC implementation or this code will be removed? 

The TrustedBSD MLS and Biba implementations will remain, so updating that
code is a good idea.  The label size issue should resolve itself once a
little more infrastructure is in place.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org      NAI Labs, Safeport Network Services



To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message