HEADS UP: PERFORCE change 8204 for review (fwd)

Ilmar S. Habibulin ilmar at watson.org
Wed Mar 27 11:15:57 GMT 2002


On Fri, 22 Mar 2002, Robert Watson wrote:

> For those interested, SEBSD is a on-going port of the SELinux FLASK and
> Type Enforcement implementations to run on top of the TrustedBSD MAC
> framework.  This work is occurring as part of an extension to the DARPA
> CBOSS contract at NAI Labs, and will provide access to NSA FLASK and the
> Type Enforcement implementations as pluggable modules on FreeBSD 5.0. With
I've just checked the new code and looked it through a little bit. There
is own MLS implementation there. Would it be use separately from
trustedbsd one, on top of trustedbsd one(so SE MLS stuff would be
rewritten) or trustedbsd one would go away?

And i'd like to discuss bitmap issues also. I saw some use of bitmaps in
SE code, but i think it's better to implement some more generic mechanism,
like userland bitstring. I'm trying to add compartments, using imported
bitstring macroses.

> the current level of funding, we anticipate a workable experimental
> implementation when 5.0 is released in November.  Obviously, we'd like to
> see that become a production-worthy implementation as time and other
> resources permit.  We began the port a month or two ago and anticipate an
> initial round of commits to the Perforce tree within a weeks or two.  We
> hope to have a usable prototype by June, with features expanding maturing
> as time goes by.



To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message



More information about the trustedbsd-discuss mailing list