What's the status of the project?
Ilmar S. Habibulin
ilmar at ints.ru
Wed Jun 13 05:32:05 GMT 2001
On Tue, 12 Jun 2001, Robert Watson wrote:
> netinet code. I plan to revisit this issue in the next month or so--it
> probably involves sockets acting as both subjects (have a ucred attached)
> and objects (have a MAC label attached). Another issue has to do with
i'll be waiting for it
> whether we want to be able to make routing decisions based on labels, or
> just perform access control.
I think that it should be included in the TODO list. Anyway in-packet
labels should be encrypted somehow, so maybe we should simply hack ipsec
daemons and don't think about trusted network paths?
> Yeah, old told we must have at least three attempts at audit
> implementations lying around--certainly I did a pass or two, and SRI did a
> pass. Unfortunately, we don't seem to have come out of it with highly
> useful results, although quite a bit more experience. If someone wants to
> take this task on, I'd certainly welcome that. Andrew Reiter was looking
> at design considerations, but I think he has been stalled due to
> circumstances beyond his control :-).
I have only some experience in MAC implementation. ;-) I'll read audit
chapter of the draft, but i don't think that i can take this task. Maybe
we can exchange opinions - i have nonposix implementation with audit flags
on files and kernel messages on file access, logged via syslog.
As i remember, your posix audit implementation logged quite everything.
There was too much information, and logs grew rapidly.
> > PS. And what about your polygraph activities? Would we have an ability
> > to change MAC policies with labels on the fly?
> This is still on the goal list, and the object label code is a step in
> that direction, as it allows the improved abstraction of object labels.
> You'll notice also that the ucred handling in 5.0-CURRENT has been
> gradually expanding to include more and more of the per-process access
> control information (for example, the jail pointer recently moved into
> ucred, and pcred was eliminated, simplifying credential handling). I'm
Well, i tried to understand the difference and the necessity of two these
structures, but failed, i suppose. So i concentrated on MAC, it seems to
be much more simpier to me. ;-)
> taking this gradually, and will probably have an announcement in the near
> future (next month or so) relating to the poligraph work.
Would be nice to look at it.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list