The ports move

Pawel Jakub Dawidek pjd at
Fri Jul 15 11:25:22 GMT 2005

On Fri, Jul 15, 2005 at 07:46:36AM +0300, Samy Al Bahra wrote:
+> We will soon be making an inevitable move with MAC by moving the
+> TrustedBSD/FreeBSD policies out of the main tree and into the ports
+> system. To the people who prefer certain modules to be in base, a simple
+> distribution set can be made for repeated installs. This is done in
+> hopes to recognize and support 3rd-party policies in a scalable manner.
+> Ports will be created for:
+> mac_bsdextended
+> mac_chkexec
+> mac_ifoff
+> mac_lomac
+> mac_partition
+> mac_portacl
+> mac_seeotheruids
+> mac_suidacl
+> While, mac_none, mac_stub, mac_test, mac_mls and mac_biba will remain in
+> base. A patch will be sent for inclusion in the ports system to the
+> ports team to recognize a proposed API tracking scheme for MAC.

While I fully understand that it is a good idea to allow for 3rd party
policies in ports, I don't really see the need for moving current
policies that had been in the base for years(?) now to ports.
Shouldn't we leave them alone and put all new policies into ports?
And after some time and testing we can move most popular policies
to the base.

Another thing I want to note is that mac_seeotheruids policy is an
example. There is simlar functionality without MAC and I don't
really see the need for removing example policies.

Pawel Jakub Dawidek             
pjd at                 
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :

More information about the trustedbsd-discuss mailing list