Date: Sun, 28 Apr 2002 16:16:52 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.ORG> To: Richard Arends <richard@unixguru.nl> Cc: current@FreeBSD.ORG Subject: Re: truss Message-ID: <Pine.NEB.3.96L.1020428161437.64976N-100000@fledge.watson.org> In-Reply-To: <20020428220902.Y86520-100000@mail.unixguru.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 28 Apr 2002, Richard Arends wrote: > On Sun, 28 Apr 2002, Robert Watson wrote: > > > BTW, 5.0 will also allow (once we commit the MAC framework from the > > TrustedBSD Project) kernel modules to tweak process visibility protections > > in the kernel at runtime. For example, you can kldload a > > mac_seeotheruids.ko policy module, which can limit what processes can view > > of other processes based on a number of factors, including uids, and > > information it tags onto the processes. It can also limit access to > > socket information listed in netstat, etc. > > When will the TrustedBSD modules commited to current?? The current (vague) plan is to commit them around mid-June, but that may slip a bit depending on development rate. Early access to the feature set is possible via Perforce, or from cvsup10.FreeBSD.org. I'm hoping to have the basic kernel feature set ready for integration by early June, so we might integrate back the changes back into the main tree in phases. I have to warn you that the stuff in the branch is moving pretty quickly, and there are some known poor interactions, especially with non-IP networking types, that we're still tracking down. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020428161437.64976N-100000>