HEADS UP: PERFORCE change 8204 for review (fwd)

Robert Watson rwatson at FreeBSD.org
Wed Mar 27 16:57:48 GMT 2002


On Wed, 27 Mar 2002, Ilmar S. Habibulin wrote:

> On Fri, 22 Mar 2002, Robert Watson wrote:
> 
> > For those interested, SEBSD is a on-going port of the SELinux FLASK and
> > Type Enforcement implementations to run on top of the TrustedBSD MAC
> > framework.  This work is occurring as part of an extension to the DARPA
> > CBOSS contract at NAI Labs, and will provide access to NSA FLASK and the
> > Type Enforcement implementations as pluggable modules on FreeBSD 5.0. With
> 
> I've just checked the new code and looked it through a little bit. There
> is own MLS implementation there. Would it be use separately from
> trustedbsd one, on top of trustedbsd one(so SE MLS stuff would be
> rewritten) or trustedbsd one would go away? 
> 
> And i'd like to discuss bitmap issues also. I saw some use of bitmaps in
> SE code, but i think it's better to implement some more generic
> mechanism, like userland bitstring. I'm trying to add compartments,
> using imported bitstring macroses. 

Currently, the set of labeled MAC policies goes something like this:

TrustedBSD MAC
- MLS
- Biba
- TE
- SEBSD

SEBSD
- MLS
- RBAC
- TE

We plan to deprecate the TrustedBSD implementation and rely solely on
SEBSD to provide TE (since they have a much more mature implementation,
and ours was really just experimental).  The SEBSD module will continue to
provide a straight port of FLASK along with the various implemented
policies it provides, such as MLS.  We'll continue to provide the
TrustedBSD MLS and Biba implementations, also, as well as a number of
other customized policy modules providing various useful mandatory and
semi-mandatory security services. 

> > the current level of funding, we anticipate a workable experimental
> > implementation when 5.0 is released in November.  Obviously, we'd like to
> > see that become a production-worthy implementation as time and other
> > resources permit.  We began the port a month or two ago and anticipate an
> > initial round of commits to the Perforce tree within a weeks or two.  We
> > hope to have a usable prototype by June, with features expanding maturing
> > as time goes by.

Just FYI, the primary function of the current import is to compile, and
load policy.  While label space has been reserved in the static labels for
subjects and various objects, we're still early in the process of
processing those labels on the FLASK side.  We're also in the process of
moving to entirely dynamic MAC labeling (Brian has made a number of
commits over the last week or so to move us in that direction, including
allowing modules to request state, and allowing the MAC framework to
process objects at initialization and destruction so that state can be
easily managed and released).  We'll continue to move in this direction --
one immediate benefit will be that we'll no longer be constrained by mbuf
size as we'll allow outside memory storage in a more useful way,
permitting larger MAC labels if desired.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert at fledge.watson.org      NAI Labs, Safeport Network Services



To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message



More information about the trustedbsd-discuss mailing list