Re: MAC policies and shared hosting
- From: Borja Marcos <BORJAMAR@xxxxxxxxxx>
- Date: Fri, 12 May 2006 01:56:15 +0200
Unfortunately the MAC framework just doesn't seem to get
as much attention as I'd like. I think the problem was
that the TrustedBSD project seemed very 'closed' in that the
site was quite rarely updated and it was difficult to get news
on developments. It seemed, for a long time, that nobody was
interested in it.
Well, I am loving it, really.
It'd be nice to see a ton of tutorials, papers and documentation
for it. I personally would write quite a bit on it if I could get started
but unfortunately my 'expertise' begins and ends at the web server
example in the handbook.
I think also the MAC framework is perceived as being too difficult
to use and too detached from FreeBSD itself. Hopefully the latter
will improve when BSM is integrated with the system and the
former is entirely subjective anyway.
Well, as you increase security there is a tradeoff. But I'm trying to come up with a reasonable balance between security and convenience. Deploying it has important consequences on operations like, for example, a make world. You must be aware of it.
I'm trying to do it in the Apple way: make it simple enough to be usable, but make it strong enough :)
Borja.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- MAC policies and shared hosting
- From: Borja Marcos
- Re: MAC policies and shared hosting
- From: Robert Watson
- Re: MAC policies and shared hosting
- From: Borja Marcos
- Re: MAC policies and shared hosting
- From: mal content
- MAC policies and shared hosting
- Prev by Date: Re: MAC policies and shared hosting
- Next by Date: Re: Freebsd-update and 6.1-RELEASE
- Previous by thread: Re: MAC policies and shared hosting
- Next by thread: RE: Jails and loopback interfaces
- Index(es):
Relevant Pages
|
|
