Date: Mon, 17 Jun 2019 20:15:55 +0530 From: Shivank Garg <shivank@freebsd.org> To: freebsd-hackers@freebsd.org, "Bjoern A. Zeeb" <bz+soc@freebsd.org> Message-ID: <CAOVCmzHt3at2rL-rP5KaT5pgbb20tazUEmJ6br=8a_YHzYMdQA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, Everyone! This project is aimed at developing a loadable MAC module with the "The TrustedBSD MAC Framework" to limit the set of IP addresses a VNET-enabled Jail can choose from. This Week- - I compiled a basic MAC policy module which restricts from setting Jail's IP address. - Read about syctl. - Wrote a test shell script and test cases for the module. - I thought about the design and plausible improvements in design Do Check this project on Github: https://github.com/shivankgarg98/freebsd/tree/shivank_MACPolicyIPAddressJail/sys/security/mac_ipacl FreeBSD wiki: https://wiki.freebsd.org/SummerOfCode2019Projects/MACPolicyIPAddressJail Please feel free to share your ideas and feedback on this project. Regards, Shivank Garg
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOVCmzHt3at2rL-rP5KaT5pgbb20tazUEmJ6br=8a_YHzYMdQA>