[GSoC'19 Weekly Update] MAC policy on IP addresses in Jail
Shivank Garg
shivank at freebsd.org
Mon Jun 17 14:55:18 UTC 2019
Hi, Everyone!
This project is aimed at developing a loadable MAC module with the "The
TrustedBSD MAC Framework" to limit the set of IP addresses a VNET-enabled
Jail can choose from.
This Week-
- I compiled a basic MAC policy module which restricts from setting Jail's
IP address.
- Read about syctl.
- Wrote a test shell script and test cases for the module.
- I thought about the design and plausible improvements in design
Do Check this project on
Github:
https://github.com/shivankgarg98/freebsd/tree/shivank_MACPolicyIPAddressJail/sys/security/mac_ipacl
FreeBSD wiki:
https://wiki.freebsd.org/SummerOfCode2019Projects/MACPolicyIPAddressJail
Please feel free to share your ideas and feedback on this project.
Regards,
Shivank Garg
More information about the soc-status
mailing list