From owner-freebsd-current Sun Apr 28 13:14:28 2002 Delivered-To: freebsd-current@freebsd.org Received: from mail.unixguru.nl (cc49923-a.emmen1.dr.nl.home.com [212.204.178.120]) by hub.freebsd.org (Postfix) with ESMTP id BB9BA37B41C; Sun, 28 Apr 2002 13:14:21 -0700 (PDT) Received: from mail (mail [192.168.10.4]) by mail.unixguru.nl (8.12.3/8.12.3) with ESMTP id g3SKEHEQ093925; Sun, 28 Apr 2002 22:14:17 +0200 (CEST) (envelope-from richard@unixguru.nl) Date: Sun, 28 Apr 2002 22:14:17 +0200 (CEST) From: Richard Arends To: Robert Watson Cc: current@FreeBSD.ORG Subject: Re: truss In-Reply-To: Message-ID: <20020428220902.Y86520-100000@mail.unixguru.nl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 28 Apr 2002, Robert Watson wrote: > BTW, 5.0 will also allow (once we commit the MAC framework from the > TrustedBSD Project) kernel modules to tweak process visibility protections > in the kernel at runtime. For example, you can kldload a > mac_seeotheruids.ko policy module, which can limit what processes can view > of other processes based on a number of factors, including uids, and > information it tags onto the processes. It can also limit access to > socket information listed in netstat, etc. When will the TrustedBSD modules commited to current?? Greetings, Richard. ---- An OS is like swiss cheese, the bigger it is, the more holes you get! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message