capabilities impletementation?

[Dingo]

Ok the holidays are over, New Years kick off so Im starting to push
forward on SeBSD, I have some of the work that was also done by YanJun,
which Ive also merged into my tree. Is there anything further? I believe
if Scott and Robert can confirm this we are synching to 7.0. Then we can
potentially MFC back to 6.0-RELEASE. Now the questions I think we need
to discuss are the issues raised by robert on Mon, 28 Nov 2005 RE:

--------SNIP--------------
So an interesting question is -- if we want to move forward with the 
POSIX.1e privilege/capability implementation, do we want to attempt to 
make it a MAC module, or do we want to keep the implementation separate.
Right now, the trustedbsd_cap branch is quite dated, but probably isn't
all that hard to update.  It does depend on changes that are also
present  in the SEBSD branch, so there is the potential to combine
efforts.  On the other hand, there are lots of changes required for both
that are dependencies of only one -- for example, the type enforcement
related changes in user space aren't required for the capability
implementation. My leaning would be to keep them in different work
areas, but to share as much of the implementation as possible.
--------SNIP----------------

So Id say if we can entertain a conversation reguarding these and come
to some conclusions then we can push foward. for now Ive been working
with what Ive done and what yanjun has provided. Who else recieved
perforce access?? and who else might be also working this treee into a
more current on their own that might be capable of contributing code??


To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message