Date: Mon, 13 Feb 2006 14:52:37 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 91674 for review Message-ID: <200602131452.k1DEqbDN092400@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=91674 Change 91674 by rwatson@rwatson_fledge on 2006/02/13 14:51:45 Give audit its own web page; expand/clarify/enhance/fix/update text relating to Audit and OpenBSM. Affected files ... .. //depot/projects/trustedbsd/www/Makefile#3 edit .. //depot/projects/trustedbsd/www/audit.page#1 add .. //depot/projects/trustedbsd/www/components.page#3 edit .. //depot/projects/trustedbsd/www/openbsm.page#3 edit .. //depot/projects/trustedbsd/www/sidebar.xml#2 edit Differences ... ==== //depot/projects/trustedbsd/www/Makefile#3 (text+ko) ==== @@ -28,7 +28,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/trustedbsd/www/Makefile#2 $ +# $P4: //depot/projects/trustedbsd/www/Makefile#3 $ STYLESHEET= page.xsl @@ -44,6 +44,7 @@ SRCS+= openbsm.page SRCS+= sebsd.page SRCS+= sedarwin.page +SRCS+= audit.page IMGS= components.gif componentsgray.gif IMGS+= developers.gif developersgray.gif docs.gif ==== //depot/projects/trustedbsd/www/components.page#3 (text+ko) ==== @@ -37,7 +37,7 @@ <cvs:keywords xmlns:cvs="http://www.FreeBSD.org/XML/CVS" version="1.0"> <cvs:keyword name="freebsd"> - $P4: //depot/projects/trustedbsd/www/components.page#2 $ + $P4: //depot/projects/trustedbsd/www/components.page#3 $ </cvs:keyword> </cvs:keywords> @@ -103,12 +103,17 @@ </p> <p>Event auditing permits the selective logging of - security-relevant system events for the purposes of - analysis. Several experimental implementations of audit - for FreeBSD have been explored; the current implementation is - based on <a href="openbsm.html">OpenBSM</a>, an open source - implementation of Sun's Basic Security Module (BSM) API and file - format donated by Apple Computer, Inc.</p> + security-relevant system events for the purposes of post-mortem + analysis, intrusion detection, and system monitoring. The + <a href="audit.html">TrustedBSD audit implementation</a> + provides a complete kernel audit event framework, extensive + auditing of system events, and user space application + integration. The user space libraries, tools, and file format + are based on the de facto industry standard Sun Basic Security + Module (BSM) API and file format. The <a href="openbsm.html"> + OpenBSM library and tool suite</a> provides a portable, + BSD-licensed implementation, and is based on source code + donated by Apple Computer, Inc.</p> </dd> <a name="eas" /> ==== //depot/projects/trustedbsd/www/openbsm.page#3 (text+ko) ==== @@ -29,7 +29,7 @@ <cvs:keywords xmlns:cvs="http://www.FreeBSD.org/XML/CVS" version="1.0"> <cvs:keyword name="freebsd"> - $P4: //depot/projects/trustedbsd/www/openbsm.page#2 $ + $P4: //depot/projects/trustedbsd/www/openbsm.page#3 $ </cvs:keyword> </cvs:keywords> @@ -45,10 +45,14 @@ <p>OpenBSM is an open source implementation of Sun's Basic Security Module (BSM) Audit API and file format. - BSM, the de facto standard for Audit, describes a set of system call - and library interfaces for managing audit records, as well as a token - stream file format that permits extensible and generalized audit - trail processing.</p> + BSM, the de facto industry standard for Audit, describes a set of + system call and library interfaces for managing audit records, as + well as a token stream file format that permits extensible and + generalized audit trail processing. + OpenBSM extends the BSM API and file format in a number of ways to + support features present in the Mac OS X and FreeBSD operating + systems, such as Mach task interfaces, sendfile(), and Linux system + calls present in the FreeBSD Linux emulation layer.</p> <p>OpenBSM includes system include files appropriate for inclusion in an operating system implementation of Audit, libbsm, an @@ -60,14 +64,12 @@ easier audit trail analysis, including a pattern matching library.</p> - <p>OpenBSM is an important component of the <a - href="components.html#audit">TrustedBSD Audit Implementation</a> for - FreeBSD, providing tools, libraries, and include files. - The first official release of OpenBSM will be made shortly before - the <a href="news.html">TrustedBSD audit presentation at BSDCan</a>, - where members of the TrustedBSD team will describe the operation of - Audit on Darwin and FreeBSD, the components of OpenBSM, and how to - develop with the BSM APIs and file format.</p> + <p>OpenBSM is the core user space component of the <a + href="audit.html">TrustedBSD Audit Implementation</a> for + FreeBSD, providing tools, libraries, and include files. Pre-releases + of OpenBSM are now available as part of the FreeBSD 7-CURRENT branch, + as integration of audit into the FreeBSD CVS tree is largely + complete.</p> <p>OpenBSM is derived from the BSM audit implementation found in Apple's open source Darwin operating system, generously released by ==== //depot/projects/trustedbsd/www/sidebar.xml#2 (text+ko) ==== @@ -8,11 +8,12 @@ <h2 class="section">Components</h2> <ul> <li><a href="components.html#acls">Access Control Lists</a></li> - <li><a href="components.html#audit">Event Auditing and OpenBSM</a></li> + <li><a href="audit.html">Security Event Auditing</a></li> <li><a href="components.html#eas">Extended Attributes</a></li> <li><a href="components.html#capabilities">Fine-Grained Capabilities</a></li> <li><a href="mac.html">Mandatory Access Control</a></li> + <li><a href="openbsm.html">OpenBSM</a></li> <li><a href="sebsd.html">Security-Enhanced BSD (SEBSD)</a></li> <li><a href="sedarwin.html">Security-Enhanced Darwin (SEDarwin)</a></li> <!-- To be completed: Historical Patches -->
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602131452.k1DEqbDN092400>