From owner-p4-projects@FreeBSD.ORG Mon Feb 13 14:52:56 2006 Date: Mon, 13 Feb 2006 14:52:37 GMT Message-Id: <200602131452.k1DEqbDN092400@repoman.freebsd.org>
From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 91674 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Feb 2006 14:52:56 -0000 http://perforce.freebsd.org/chv.cgi?CH=91674 Change 91674 by rwatson@rwatson_fledge on 2006/02/13 14:51:45 Give audit its own web page; expand/clarify/enhance/fix/update text relating to Audit and OpenBSM. Affected files ... .. //depot/projects/trustedbsd/www/Makefile#3 edit .. //depot/projects/trustedbsd/www/audit.page#1 add .. //depot/projects/trustedbsd/www/components.page#3 edit .. //depot/projects/trustedbsd/www/openbsm.page#3 edit .. //depot/projects/trustedbsd/www/sidebar.xml#2 edit Differences ... ==== //depot/projects/trustedbsd/www/Makefile#3 (text+ko) ==== @@ -28,7 +28,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/trustedbsd/www/Makefile#2 $ +# $P4: //depot/projects/trustedbsd/www/Makefile#3 $ STYLESHEET= page.xsl @@ -44,6 +44,7 @@ SRCS+= openbsm.page SRCS+= sebsd.page SRCS+= sedarwin.page +SRCS+= audit.page IMGS= components.gif componentsgray.gif IMGS+= developers.gif developersgray.gif docs.gif ==== //depot/projects/trustedbsd/www/components.page#3 (text+ko) ==== @@ -37,7 +37,7 @@ - $P4: //depot/projects/trustedbsd/www/components.page#2 $ + $P4: //depot/projects/trustedbsd/www/components.page#3 $ @@ -103,12 +103,17 @@

Event auditing permits the selective logging of - security-relevant system events for the purposes of - analysis. Several experimental implementations of audit - for FreeBSD have been explored; the current implementation is - based on OpenBSM, an open source - implementation of Sun's Basic Security Module (BSM) API and file - format donated by Apple Computer, Inc.

+ security-relevant system events for the purposes of post-mortem + analysis, intrusion detection, and system monitoring. The + TrustedBSD audit implementation + provides a complete kernel audit event framework, extensive + auditing of system events, and user space application + integration. The user space libraries, tools, and file format + are based on the de facto industry standard Sun Basic Security + Module (BSM) API and file format. The + OpenBSM library and tool suite provides a portable, + BSD-licensed implementation, and is based on source code + donated by Apple Computer, Inc.
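
Review bot: In the added components.page paragraph, "provides a complete kernel audit event framework" reads as a finished feature, while the openbsm.page text in this same change says integration of audit into the FreeBSD CVS tree is "largely complete" and that only pre-releases are available. Suggest aligning the two, for example by dropping "complete" or qualifying it with the branch it applies to, so that readers who plan to rely on audit for intrusion detection do not assume full event coverage.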

==== //depot/projects/trustedbsd/www/openbsm.page#3 (text+ko) ==== @@ -29,7 +29,7 @@ - $P4: //depot/projects/trustedbsd/www/openbsm.page#2 $ + $P4: //depot/projects/trustedbsd/www/openbsm.page#3 $ @@ -45,10 +45,14 @@

OpenBSM is an open source implementation of Sun's Basic Security Module (BSM) Audit API and file format. - BSM, the de facto standard for Audit, describes a set of system call - and library interfaces for managing audit records, as well as a token - stream file format that permits extensible and generalized audit - trail processing.

+ BSM, the de facto industry standard for Audit, describes a set of + system call and library interfaces for managing audit records, as + well as a token stream file format that permits extensible and + generalized audit trail processing. + OpenBSM extends the BSM API and file format in a number of ways to + support features present in the Mac OS X and FreeBSD operating + systems, such as Mach task interfaces, sendfile(), and Linux system + calls present in the FreeBSD Linux emulation layer.

OpenBSM includes system include files appropriate for inclusion in an operating system implementation of Audit, libbsm, an @@ -60,14 +64,12 @@ easier audit trail analysis, including a pattern matching library.

-

OpenBSM is an important component of the TrustedBSD Audit Implementation for - FreeBSD, providing tools, libraries, and include files. - The first official release of OpenBSM will be made shortly before - the TrustedBSD audit presentation at BSDCan, - where members of the TrustedBSD team will describe the operation of - Audit on Darwin and FreeBSD, the components of OpenBSM, and how to - develop with the BSM APIs and file format.

+

OpenBSM is the core user space component of the TrustedBSD Audit Implementation for + FreeBSD, providing tools, libraries, and include files. Pre-releases + of OpenBSM are now available as part of the FreeBSD 7-CURRENT branch, + as integration of audit into the FreeBSD CVS tree is largely + complete.

OpenBSM is derived from the BSM audit implementation found in Apple's open source Darwin operating system, generously released by ==== //depot/projects/trustedbsd/www/sidebar.xml#2 (text+ko) ==== @@ -8,11 +8,12 @@

Components
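
Review bot: In the second Makefile hunk, SRCS+= audit.page is appended after sedarwin.page, although the visible SRCS entries (openbsm.page, sebsd.page, sedarwin.page) are in alphabetical order. Suggest placing the new entry in sorted position so the list stays easy to scan and merge.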
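
Review bot: In the openbsm.page hunk at @@ -45,10 +45,14 @@, the added sentence says OpenBSM extends the BSM API and file format but does not say whether trails containing those extensions remain readable by other BSM tools. Since the same paragraph calls BSM the de facto industry standard, a sentence on compatibility of the extended records would help anyone feeding these trails into existing BSM analysis tooling.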
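
Review bot: In the openbsm.page hunk at @@ -60,14 +64,12 @@, "are now available" and "largely complete" are time-relative and will go stale on a web page, the same problem the removed "will be made shortly before" sentence had. Suggest giving a date and naming what remains to be integrated, so a reader can tell how much of the audit implementation the 7-CURRENT pre-releases actually cover.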