FYI on TrustedBSD documentation updates, other news

Ilmar S. Habibulin ilmar at watson.org
Tue Apr 22 08:52:09 GMT 2003 

On Mon, 21 Apr 2003, Robert Watson wrote:

> > Would compartments have human-readable format in text representation?
> I assume from this you believe the current format is not human readable
Yes, i think so. Here is your examples below.

>   user1: mls/high:1,biba/low
>   user2: mls/80,biba/low
I can understand what is high or low, but what is 80? Or compartment 1?
So i mean the following representation:

mls/the_toppest_secret:project_1+project_betta

plus there must be some sort of vocablurary files for converting text
representation to numbers and vs.

the_toppest_secret:80
project_1:1
project_betta:222


> setusercontext().  However, I suspect we don't properly handle a number of
> cases involving pty handling, as well as the label reset process.  You'll
> notice this problem in using xterm, as the label will get set when xterm
> starts to the user's label, but never reset, which means that the pty may
> not be reusable by processes at other levels when using MLS.  We need to
> talk through all the tty management code in detail and work out how it
> should behave.  One of the things we're missing is a good notion of what
> the initial label should be, and what to reset it to when done with a tty.
Do you want to rewrite telnetd/rlogind/ssh/xterm/login/getty to use one
interface?

> > > - Add variant symlink support to handle poly-instantiation handling of
> > >   /tmp, et al.
> > Is it something instead of MultiLevelDirectories? Maybe it is better to
> > implement MLDs?
>
> Well, my thought was to use it to implement an MLD-like notion, with or
> without the mkdir:
>
>    ln -s /tmp.real/%mls%/%biba% /tmp
IMHO it is much more easier to implement as TMPDIR shell variable.

> And give policies the opportunity to substitute for names as necessary.  I
> prototyped this locally, but the patches will need updating.  Then the
> question becomes, should there be automatic directory creation -- the
> answer is made a little more difficult because FreeBSD now supports shared
> and exclusive vnode locks, and we'll need to make sure that we hold an
> exclusive lock if we want to automatically create directories.  There are
> also some interesting questions about the credential used to create the
> instance directories, what labels to set, etc.
There are Trusted Solaris docs, that describe the process of creation MLDs
and their SLD interoperability. Did you read them?
The credential, used to create MLD must be inherited from the parent /tmp
or other public directory.


To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message

More information about the trustedbsd-discuss mailing list