TrustedBSD Status Update

[Robert Watson]

This e-mail is just to let people know that there is still life out there
:-).  Over the next week or so, I will be releasing an updated ACL patch
(some bugfixes in kernel, improved userland integration), as well as a
first revision of my implementation of a MLS/Biba/Partition mandatory
access control mechanism (initially supporting labels on processes and
files, with sockets/packet/interface labeling in the works). This work
includes some userland integration (appropriate management of labels by
user class and integration into libutil's setusercontext()  behavior), and
is based in part on Ilmar's existing MAC infrastructure patches.  I also
wanted to report successful presentation of a paper at BSDCon concerning
the extended attribute and capability mechanisms, as well as participation
in the recent DARPA-sponsored CHATS 2 workshop on security and open
source.  I'll put the paper from BSDCon online shortly, and be announcing
patches over the next few days.  I've been considering a Type Enforcement
implementation, but have been attempting to resolve concerns about
intellectual property covering TE implementations.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org      NAI Labs, Safeport Network Services

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message