From: Borja Marcos (BORJAMARsarenet.es)
Date: Thu May 11 2006 - 18:56:15 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Unfortunately the MAC framework just doesn't seem to get
> as much attention as I'd like. I think the problem was
> that the TrustedBSD project seemed very 'closed' in that the
> site was quite rarely updated and it was difficult to get news
> on developments. It seemed, for a long time, that nobody was
> interested in it.

Well, I am loving it, really.

> It'd be nice to see a ton of tutorials, papers and documentation
> for it. I personally would write quite a bit on it if I could get
> started
> but unfortunately my 'expertise' begins and ends at the web server
> example in the handbook.
>
> I think also the MAC framework is perceived as being too difficult
> to use and too detached from FreeBSD itself. Hopefully the latter
> will improve when BSM is integrated with the system and the
> former is entirely subjective anyway.

Well, as you increase security there is a tradeoff. But I'm trying to
come up with a reasonable balance between security and convenience.
Deploying it has important consequences on operations like, for
example, a make world. You must be aware of it.

I'm trying to do it in the Apple way: make it simple enough to be
usable, but make it strong enough :)

Borja.

_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]