From owner-p4-projects@FreeBSD.ORG Mon Aug 25 20:58:45 2008
Date: Mon, 25 Aug 2008 20:58:44 GMT
Message-Id: <200808252058.m7PKwiUn003844@repoman.freebsd.org>
From: Robert Watson To: Perforce Change Reviews Cc: Subject: PERFORCE change 148447 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Aug 2008 20:58:45 -0000 http://perforce.freebsd.org/chv.cgi?CH=148447 Change 148447 by rwatson@rwatson_fledge on 2008/08/25 20:58:12 Updates to a number of component web pages to bring them more in sync with reality. Affected files ... .. //depot/projects/trustedbsd/www/geom.page#3 edit .. //depot/projects/trustedbsd/www/mac.page#5 edit .. //depot/projects/trustedbsd/www/privileges.page#5 edit .. //depot/projects/trustedbsd/www/sebsd.page#9 edit .. //depot/projects/trustedbsd/www/sedarwin.page#7 edit Differences ... ==== //depot/projects/trustedbsd/www/geom.page#3 (text+ko) ==== @@ -29,7 +29,7 @@ - $P4: //depot/projects/trustedbsd/www/geom.page#2 $ + $P4: //depot/projects/trustedbsd/www/geom.page#3 $ @@ -47,7 +47,7 @@

GEOM has been present in FreeBSD since FreeBSD 5.0-RELEASE, with increasing numbers of transform modules over time, including the - GELI encryption and integrity protection module..

+ GELI encryption and integrity protection module.

GEOM and GBDE were implemented by Poul-Henning Kamp.

==== //depot/projects/trustedbsd/www/mac.page#5 (text+ko) ==== @@ -37,7 +37,7 @@ - $P4: //depot/projects/trustedbsd/www/mac.page#4 $ + $P4: //depot/projects/trustedbsd/www/mac.page#5 $ @@ -45,54 +45,32 @@ TrustedBSD Mandatory Access Control (MAC) Framework -

- Perforce: - //depot/projects/trustedbsd/mac/... -

-

- Collection: - p4-cvs-trustedbsd-mac -

-

Mandatory access controls extend discretionary access - controls by allowing administrators to enforce additional - security for all subjects (e.g. processes or sockets) and - objects (e.g. sockets, file system objects, sysctl nodes) in - the system. Development of those new access control models - is facilitated by the development of a flexible kernel - access control extension framework, the TrustedBSD MAC - Framework. This permits new access control models to be - introduced as kernel modules.

+

Mandatory access controls extend operating system access control + policy by allowing administrators to enforce additional constraints + on user and application behavior. + The TrustedBSD MAC Framework is a kernel programming interface + allowing loadable modules to augment the system security policy in + order to implement mandatory access control in a flexible manner.

-

Currently, modules exist that implement MLS (Multi-Level - Security), a fixed-label Biba integrity policy, Type - Enforcement, and several other security policies that - reflect common requirements of typical FreeBSD deployment - environments, such as mandatory limits on inter-user - visibility in multi-user environments. The current - implementation of Low-Watermark MAC (LOMAC) will also be - ported to use the module framework. In addition, the - DARPA-funded Network Associates Laboratories' CBOSS Project - is porting the NSA FLASK/SELinux implementation (SEBSD) to - run as an extension model over the TrustedBSD MAC Framework. - More information on the SEBSD module may be found on the - SEBSD page.

+

The TrustedBSD MAC Framework first shipped in FreeBSD 5.0, with + significant functionality, quality, and performance enhancements in + later releases. Supported policy modules include rule-based file + system firewall support, TCP/UDP port access control lists, + inter-user process visibility controls, as well as classic mandatory + access control policies such as Multi-Level Security (MLS) with + compartments, and fixed- and floating-label Biba integrity policies. + Third party policy modules include cryptographic checksums on system + binaries, and SEBSD, a port of the NSA + FLASK/SELinux policy to FreeBSD. A number of commercial + FreeBSD-based products make use of the TrustedBSD MAC Framework to + locally modify the operating system security policy.

-

This work is primarily occuring in a TrustedBSD Perforce - branch, but much of the framework has been merged to the - main FreeBSD development tree and was included in FreeBSD - 5.0 and forwards. The current implementation is appropriate - for experimental or limited production use; both internal - and exposed MAC APIs will not be frozen until 5.2-RELEASE. - All policy modules with the exception of the SEBSD - implementation have been merged into the FreeBSD tree at - this point.

- -

Work has also recently begun on an experimental port of - the TrustedBSD MAC Framework from FreeBSD to Apple's - Darwin operating system. - Information on this port may be found on the SEDarwin page.

+

The TrustedBSD MAC Framework is also present in Mac + OS X as of the Leopard release, where it is used to implement + Seatbelt and other system security services. A port of FLASK and + SELinux is also available via SEDarwin.

==== //depot/projects/trustedbsd/www/privileges.page#5 (text+ko) ==== @@ -29,7 +29,7 @@ - $P4: //depot/projects/trustedbsd/www/privileges.page#4 $ + $P4: //depot/projects/trustedbsd/www/privileges.page#5 $ @@ -46,11 +46,12 @@ p4-cvs-trustedbsd-cap

-

NB: Historically this project was referred to as fine-grained +

Historically this project was referred to as fine-grained capabilities, but due to a vocabulary conflict, it has been renamed to fine-grained privileges. Information in this page currently refers to a FreeBSD 5.x-era project to support fine-grained privileges, and - will shortly be superseded by a similar project for FreeBSD 8.x.

+ will shortly be superseded by a similar project for FreeBSD + 8.x.

POSIX.1e breaks root privilege into a set of privileges (historically referred to as "Capabilities"), which allow the ==== //depot/projects/trustedbsd/www/sebsd.page#9 (text+ko) ==== @@ -32,12 +32,12 @@ SUCH DAMAGE. --> - + SEBSD - $P4: //depot/projects/trustedbsd/www/sebsd.page#8 $ + $P4: //depot/projects/trustedbsd/www/sebsd.page#9 $ ==== //depot/projects/trustedbsd/www/sedarwin.page#7 (text+ko) ==== @@ -31,12 +31,12 @@ SUCH DAMAGE. --> - + SEDarwin - $P4: //depot/projects/trustedbsd/www/sedarwin.page#6 $ + $P4: //depot/projects/trustedbsd/www/sedarwin.page#7 $ @@ -45,40 +45,18 @@ policy module to Apple's Darwin operating system -

- Perforce: - //depot/projects/trustedbsd/sedarwin7/... -

-

- Collection: - p4-cvs-trustedbsd-sedarwin -

-

SEDarwin is a port of the TrustedBSD MAC - Framework access control extension framework to Apple's - Darwin operating system platform, along with a port of the - SEBSD policy module. - SEDarwin is highly experimental, but is currently sufficiently - functional to allow the enforcement of mandatory process - and file protections under Mac OS 10.3.8 and Darwin 7.3 on - a variety of Apple PowerPC hardware. +

The SEDarwin Project consisted of two parts: a port of the + TrustedBSD MAC Framework to the Mac OS X + operating system, and a similar adaptation of SEBSD to MAC OS X based on that port. This + port was made available against Mac OS X Panther and Mac OS X Tiger; + as of Mac OS X Leopard, the TrustedBSD MAC Framework is now + available as part of the shipping Mac OS X product.

- The SEDarwin project has recently moved to it's own website at +

The SEDarwin project has recently moved to it's own website at www.sedarwin.org. More - information and current versions of SEDarwin can be found there. -

- -

The Darwin Security Extension Project (DSEP) complements the - SEDarwin work, but has a different goal. DSEP is primarily concerned - with updating and maintaining the TrustedBSD MAC Framework on - Darwin. While still experimental, the MAC Framework has been - updated to support Mac OS X "Tiger", currently supporting Mac OS X - 10.4.3 (Darwin 8.4). Note that the DSEP releases typically won't - have the newest FLASK and SELinux components; they will be migrated - to the Tiger platform soon.

- -

The DSEP sources have also recently moved to - sedarwin.org

+ information and current versions of SEDarwin can be found there.
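
Review bot: in the mac.page hunk, the added sentence "Third party policy modules include cryptographic checksums on system binaries, and SEBSD" pairs a feature description with a module name, so a reader cannot tell which module provides the checksum policy. Name that module the way SEBSD is named, and hyphenate "Third-party". The same hunk deletes the "Perforce: //depot/projects/trustedbsd/mac/..." and "Collection: p4-cvs-trustedbsd-mac" pointers without a replacement; if the source is still reachable, keep a pointer to it so readers can find the code the page describes.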
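
Review bot: in the privileges.page hunk, the reworded note still says the page "will shortly be superseded by a similar project for FreeBSD 8.x", which is time-relative wording that goes stale as soon as the page is published. Replace "shortly" with a date or a link to the successor project, or state plainly that this page documents the FreeBSD 5.x-era work only. The context line also keeps the "p4-cvs-trustedbsd-cap" collection reference, while the mac.page and sedarwin.page hunks in this change drop their Perforce and Collection lines; treat the three pages the same way.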
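
Review bot: in the sedarwin.page hunk, the re-added line "The SEDarwin project has recently moved to it's own website at" should read "its own website", and the new paragraph writes "MAC OS X" once ("adaptation of SEBSD to MAC OS X based on that port") where every other mention is "Mac OS X". "Has recently moved" is carried over unchanged from the old text and sits oddly beside a paragraph that now describes the project in the past tense ("consisted of two parts"); drop "recently". The hunk also removes both DSEP paragraphs outright, so if DSEP was folded into the Leopard integration, one sentence saying so would keep existing references to DSEP explicable.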