programming interface for mandatory access controls
Evan S.
evms at bu.edu
Mon Aug 25 19:28:10 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> on a tangent . . .
>
> . . . it would be attractive to build a
> simple execution/flow model that would allow the
> kernel to automatically alter process DAC
> (uid/gid and privilages) and MAC (i.e. reduce
> classification) during threading / forking /
> execing (and perhaps more syscall gates?). the
> primary function of this is _not_ to produce a
> behviour model like a syscall interface but to map
> a MAC security model to known behaviours.
>
> unfortunately, although i have a clear idea of
> enhancements i would like to see from other
> TOS/MAC models i've used -- i don't have the
> knowledge to asses or attempt it.
That sounds interesting. Can you explain what you mean? I'm not sure I quite
understand.
- --
Evan Sarmiento (evms at cs.bu.edu)
WWW: http://evms.no-ip.org:8080
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (FreeBSD)
iD8DBQE/SmNMECYZSrUV88QRAvfsAKDZHvHfwaR6SzE35378w56f48MlagCgrhAc
+jMON9USDqxCcGaNbA0Jp+E=
=z6e2
-----END PGP SIGNATURE-----
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list