From owner-freebsd-hackers@FreeBSD.ORG  Sun Sep 12 18:34:42 2004
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4FE5916A4CE
	for <freebsd-hackers@freebsd.org>;
	Sun, 12 Sep 2004 18:34:42 +0000 (GMT)
Received: from mongers.org (miracle.mongers.org [193.162.142.71])
	by mx1.FreeBSD.org (Postfix) with SMTP id 1C6F943D4C
	for <freebsd-hackers@freebsd.org>;
	Sun, 12 Sep 2004 18:34:41 +0000 (GMT)	(envelope-from m@mongers.org)
Received: (qmail 15042 invoked by uid 1021); 12 Sep 2004 18:34:38 -0000
Date: Sun, 12 Sep 2004 20:34:15 +0200
From: Morten Liebach <m@mongers.org>
To: freebsd-hackers@freebsd.org
Message-ID: <20040912183437.GF20097@mongers.org>
References: <2B4221DF-04CD-11D9-8975-000A95AFBEB4@mac.com>
	<E1C6Xgx-0004ZH-00.shmukler-mail-ru@f29.mail.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <E1C6Xgx-0004ZH-00.shmukler-mail-ru@f29.mail.ru>
User-Agent: Mutt/1.4.1i
X-Accept-Language: dansk, english
X-Organisation: Hollow Chocolate Bunnies of Death, Inc.
X-PGP-Key-ID: F1360CA9
X-PGP-Key-URL: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF1360CA9
X-PGP-Key-Fingerprint: 8CF5 32EE A5EC 36B2 4E3F  ACDF 6D86 BEB3 F136 0CA9
Subject: Re: FreeBSD on Xserve?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Sep 2004 18:34:42 -0000

On 2004-09-12 20:59:07 +0400, Igor Shmukler wrote:

> If original author wants to mature OS with MAC and SMP support SELinux
> might be a good candidate.
> However, Linux does not have jails. Only other OS that has them is
> Solaris 10 which does not run on PPC.

There's something named User Mode Linux which seems to be a little like
jails.  I haven't got the faintest idea how well it works.
 
> I am not sure what kind of stack protection was referred in the
> original email. OpenBSD has propolis, but I was under impression there
> is no such option in FreeBSD. I recall that it was decided that
> security by obscurity will not make it into the kernel.

It's "propolice".
 
Maybe http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html
would be of interest.

There's more than just obscurity to it, but it is obviously better to
have correct code to begin with, then things like Propolice isn't
needed...
 
Have a nice day
                                 Morten

-- 
http://m.mongers.org/ -- http://gallery.zentience.org/
__END__