FYI on TrustedBSD documentation updates, other news
Robert Watson
rwatson at FreeBSD.org
Sun Apr 20 16:21:50 GMT 2003

In preparation for the DISCEX III presentation on Tuesday, I've been
updating the online documentation for the TrustedBSD MAC Framework. In
doing so, I have...

(1) Added our USENIX/FREENIX 2003 paper on the MAC Framework to the
TrustedBSD documentation web page. It includes discussion and
analysis of the approach and rationale, as well as some performance
measurements, etc. Look for:

    The TrustedBSD MAC Framework: Extensible Kernel Access Control for
    FreeBSD 5.0

(2) Updated the MAC Framework developer documentation in the FreeBSD
Developer's Handbook. It now includes more information about the
kernel and user architecture, some updates to the entry point list,
new information on labeling and policies, etc. The document is linked
off the TrustedBSD documentation page, or you can reach it directly:

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/mac.html

(3) Updated the MAC man pages, adding mac.conf.5, updating summaries, etc.
The man pages found on the FreeBSD web site haven't been updated
recently, but new FreeBSD installs from the 5.x branch should pick up
the changes.

The web-based and online documentation continues to be a work in progress,
but should now be quite a bit more useful. We'll continue to update it as
we keep making progress. :-)

In other news, FreeBSD 5.1 will ship with UFS2 as the default file system,
which will ease access to ACLs and MAC labeling in the default install.
We've also made a number of changes to improve the performance and
handling of Mbuf labels, added a mac_portacl policy module, and quite a
bit more.

High on the TODO list are:
- Modify labeled security modules to use a centralized label list rather
than allocating per-label instance storage, which should improve
performance and lower memory overhead for running the modules.
- Figure out how to merge the SEBSD-derived label and policy configuration
management into the main MAC tree from our SEBSD tree: FLASK relies on
exec-time atomic label changes on processes, rather than the
mac_set_proc() model which is used by the other policies. Likewise,
FLASK stores its notion of possible user labels and transitions in the
kernel, whereas our other policies store user label information in the
login class database.
- Move to a label database separate from the login class database to
improve flexibility.
- Revisit our handling of TTY labels as set at login; our current approach
has a number of serious limitations.
- Add variant symlink support to handle poly-instantiation handling of
/tmp, et al.
- Perform more real-world testing of various MAC models to make sure we've
caught all the edge cases, improve our initial labeling of file system
objects, etc. Improve user documentation to handle results.
- Improve networking integration for carrying labels over the network,
IPsec support, etc.

Thanks,

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Network Associates Laboratories