TrustedBSD status from Oct-Dec 2003
Robert Watson
rwatson at FreeBSD.org
Fri Feb 13 20:48:00 GMT 2004
On Mon, 2 Feb 2004, Ilmar S. Habibulin wrote:
> On Wed, 28 Jan 2004, Robert Watson wrote:
>
> > TrustedBSD Audit
> >
> > URL: http://www.trustedbsd.org/components.html#audit
> >
> > Contact: Robert Watson <rwatson at FreeBSD.org>
> > Contact: TrustedBSD Audit Discussion List
> > <trustedbsd-audit at TrustedBSD.org>
> >
> > The TrustedBSD Project is producing an implementation of CAPP compliant
> > Audit support for use with FreeBSD. Little progress was made on this
> > implementation between October and December other than an update to the
> > existing development tree. However, in January, work began on porting the
> > Darwin Audit implementation to FreeBSD. Details on this work will appear
> > in the next report; more information is available on the TrustedBSD audit
> > discussion list. Perforce messages may be seen on the trustedbsd-cvs
> > mailing list.
>
> When would it be possible to have cvs read access to a working audit
> implementation? Maybe i can help putting in audit code into syscalls.
A partial implementation of Audit appears in the open source Darwin 7
kernel tree. You can peruse that at:
http://fxr.watson.org/fxr/source/?v=DARWIN7
I've done a partial port of the partial implementation to the
trustedbsd_audit2 branch, which you can peruse using:
http://perforce.freebsd.org/dtb.cgi?FSPC=depot/projects/trustedbsd/audit2&HIDEDEL=NO
You can find the changes largely in sys/security/audit. I believe I have
a fair amount of the basic framework ported -- the primary differences lay
in locking requirements (hazy in Darwin, increasingly well-defined in
FreeBSD), memory allocation, and some VFS differences. In particular,
porting from Mach synchronization primitives to the somewhat semantically
richer FreeBSD 5 SMPng primitives (yay condvar(9)). However, I did most
of this work in early January when I had some free time, and that free
time has since evaporated. I hope to get back to looking at it in detail
in March.
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org Senior Research Scientist, McAfee Research
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list