Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 2 Dec 1999 21:23:29 +0300 (MSK)
From:      "Ilmar S. Habibulin" <ilmar@ints.ru>
To:        freebsd-security@freebsd.org
Cc:        posix1e@cyrus.watson.org
Subject:   Reference monitor concept implementation
Message-ID:  <Pine.BSF.4.21.9912022106320.44880-100000@ws-ilmar.ints.ru>

next in thread | raw e-mail | index | archive | help

I do not know where is better to address this, maybe to -arch?
While reading the description of WinNT security subsystem i noticed that
something called Security Reference Monitor, which handles all access
requests and grands or denys them. That is the thing Orange Book is
talking about.
If you'll look through the freebsd source, you can see that all fs drivers
handles access requests by themselves. At the same time the codes are
equal. I suggest to change fs drivers and kernel so that fs drivers will
suply kernel with security attributes of the files(directories and so
on) and kernel will make decision on granting or denying access.
There would be much more easy to implement different access control
mechanisms in such system.

PS. My early Mandatory Access Control implementation was coded in the FFS
driver. While trying to spread MAC to other objects i understand my
mistake. Now MAC is in syscalls. 

So what people would you say?




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9912022106320.44880-100000>