Low Watermark MAC (LOMAC) implementation for Linux
Robert Watson
robert at cyrus.watson.org
Sun Oct 10 15:15:08 GMT 1999
Thought those discussing MAC implementations might be interested in the
LOMAC implementation written by Tim Fraser at TIS Labs -- it's GPL'd, and
for Linux. It can be retrieved from:
ftp://ftp.tislabs.com/pub/lomac/lomac-v0.2.tar.gz
The archive for the mailing list is also in that directory.
I've only skimmed through the documentation, but the goal seems to be to
have a MAC system that integrates well (and relatively transparently) into
the Linux environment. Unfortunately I don't have a copy of the primary
paper it refers to for the definition of lomac, but have contacted Tim to
ask him to send me a copy.
Without much prior knowledge of the material or the implementation yet, I
can raise the normal query: presumably this is something that can hide
behind the Posix.1e interface?
Ilmar--might be interesting to see if we could plug something like this
into FreeBSD. We'd have to reimplement, of course, since it's in GPL...
Although it seems Tim distributes it purely as a kernel module with no
patches, so it might be possible to distribute a kernel module for FreeBSD
under GPL as long as it didn't come with the base distibution (undesirable
in the long term, but good enough for testing and exploring the usefulness
of the code and method).
Robert N M Watson
robert at fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list