Fw: PERFORCE change 18676 for review
Ilmar S. Habibulin
ilmar at watson.org
Wed Oct 16 08:14:02 GMT 2002
On Fri, 4 Oct 2002, Adam Migus wrote:
> All,
> I've just submitted my implementation of compartments for the MAC/MLS
> policy. The commit message below contains the details. If you have any
> questions let me know. Please note: This increases the size of the label
> in userland. Consequently, persistant label store will need to be
> reinitialized.
I thought that compartments should be implemented in BIBA model too. And
IPSEC RFCs says so.
Is '+' the only one delimiter possible? And do you plan to use more human
readable label text? I had some sort of dictionaries in /etc/mac and
mac_{to,from}_text() use these dictionaries translating label from human
readable text to machine representation. So there was
mac/secret+proj_a+proj_b, not mac/1+1+2.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list