FYI on TrustedBSD documentation updates, other news
Ilmar S. Habibulin
ilmar at watson.org
Mon Apr 21 08:37:35 GMT 2003
On Sun, 20 Apr 2003, Robert Watson wrote:
I have some questions.
> - Move to a label database separate from the login class database to
> improve flexibility.
Would compartments have human-readable format in text representation?
> - Revisit out handling of TTY labels as set at login, our current approach
> has a number of serious limitations.
Can you describe these limitations please.
> - Add variant symlink support to handle poly-instantiation handling of
> /tmp, et al.
Is it something instead of MultiLevelDirectories? Maybe it is better to
implement MLDs?
> - Improve networking integration for carrying labels over the network,
> IPsec support, etc.
There is some issue with network packet labeling using IPSEC, which i
couldn't resolve. I can provide some policy for interoperability of 2
peers with certain labels. But how to handle Client-Server operations with
multiple clients having different labels? IPSEC doesn't have functionality
to transfer label information from client to server. Maybe this should be
done by some daemons, like racoon?
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list