TrustedBSD progress
Andrew R. Reiter
arr at FreeBSD.org
Sat Jan 12 04:50:11 GMT 2002
On Fri, 11 Jan 2002, Robert Watson wrote:
:TrustedBSD MAC
: TODO:
Any plans for sysctl?
:
:TrustedBSD CAP
:
: o Over the past month, substantial progress has been made towards
: creating a working system that does not provide the root user with
: superuser privilege. Useful labels have been determined for a number
: of userland applications, which have been modified not to assume the
: presence of root privilege.
:
: TODO:
:
: o More applications, additional work to merge to the mainstream FreeBSD
: tree.
:
: o Figure out what to do about /etc/capabilities.
:
: o Documentation, including tutorials.
:
: o More philosophical discussion of integration of suser and cap
: privilege models into the same system.
:
:TrustedBSD Audit
:
: o Still in the design phase.
:
: TODO:
:
: o Much. Andrew?
:
:TrustedBSD ACL
:
: This work is largely integrated into the base tree. Currently, we're
: not investing much in the way of resources for this, but there has been
: progress made in porting to Darwin and OpenBSD. There are some TODO's:
:
: TODO:
:
: o Fix bugs in extended attribute 'remount' case, which can cause
: problems with filesystem remount when autostart is enabled.
:
: o Commit Chris Faulhaber's patches for additional userland integration,
: including mv, cp, ls, and others. Also, look at committing Thomas
: Moestl's work on EA and ACL backup for tar.
:
:Robert N M Watson FreeBSD Core Team, TrustedBSD Project
:robert at fledge.watson.org NAI Labs, Safeport Network Services
:
:
:To Unsubscribe: send mail to majordomo at trustedbsd.org
:with "unsubscribe trustedbsd-discuss" in the body of the message
:
--
Andrew R. Reiter
arr at watson.org
arr at FreeBSD.org
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list