PERFORCE change 52373 for review

Robert Watson rwatson at FreeBSD.org
Thu May 6 20:25:04 GMT 2004 

http://perforce.freebsd.org/chv.cgi?CH=52373

Change 52373 by rwatson at rwatson_tislabs on 2004/05/06 13:24:50

	Add "Prototype" to name.
	List a few more features present in the feature list.
	Some reformatting and spell checking.

Affected files ...

.. //depot/projects/trustedbsd/sedarwin73/README#5 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin73/README#5 (text+ko) ====

@@ -1,21 +1,22 @@
-SEDarwin - Security-Enhanced Darwin
+SEDarwin - Security-Enhanced Darwin Prototype
 
 Andrew Reisse (areisse at nailabs.com)
 Chris Vance (cvance at nailabs.com)
 Robert Watson (rwatson at nailabs.com)
 
-McAfee Research (division of McAfee Inc.)
+McAfee Research
 
-This is a port of our original Darwin 6.8 based implementation,
-to Darwin version 7.3 (MacOSX 10.3.3). It includes the security framework,
-a test policy module, a port of the SElinux type enforcement
-policy module, file labelling tools, and extended attribute tools. Also
-included are modified versions of ps and ls for viewing labels.
+This is a port of our original Darwin 6.8 implementation to Darwin version
+7.3 (MacOSX 10.3.3).  It includes HFS extended attributes, the MAC
+Framework, a test policy module, a port of the SELinux type enforcement
+policy module, SELinux policy tools, file labeling tools, and extended
+attribute tools.  Modified versions of the ls and ps commands capable of
+viewing labels are also included.
 
-SEDarwin is compatible with Apple MacOSX 10.3.3 build 7F44 systems. 
-(To check the build number of a running system, select "About this Mac"
-from the apple menu, then click on the "Version 10.3.3" text in the
-dialog that appears.)
+SEDarwin is compatible with Apple MacOSX 10.3.3 build 7F44 systems.  (To
+check the build number of a running system, select "About this Mac" from
+the Apple Menu, then click on the "Version 10.3.3" text in the dialog that
+appears.)
 
 Package Layout:
 bootstrap_instructions.txt      Instructions for building and installing
@@ -33,14 +34,18 @@
 export (created)		Location of build results
 
 Usage:
-Following the build instructions will yield a system with sedarwin installed,
-and the sample TE policy configured. To test some functionality, enable
-enforcing mode by running "sudo nvram kenv_sebsd_enforce=1" from the shell
-(by default, the TE module runs in permissive mode, logging
+
+Following the build instructions will yield a system with sedarwin
+installed, and the sample TE policy configured. To test some
+functionality, enable enforcing mode by running:
+
+  sudo nvram kenv_sebsd_enforce=1
+
+from the shell (by default, the TE module runs in permissive mode, logging
 access control failures but not enforcing them) and set some file labels.
 TE labels are of the form user:role:type. When passed to or from the
-system, labels begin with the name of the policy module (in this case, 
-sebsd). Objects use the object_r "role".
+system, labels begin with the name of the policy module (in this case,
+sebsd).  Objects use the object_r "role".
 
 $ getpmac
 sebsd/andrew:user_r:user_d
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list