Re: FreeBSD and MAC



On Wed, 18 Mar 2009, Gabriele Modena wrote:

2009/3/17 Robert Watson <rwatson@xxxxxxxxxxx>:

Right now no one is maintaining the SEBSD module; this is unfortunate, but largely a property of people having enough time.  If this is something you can contribute to (or anyone else who's interested) I'm happy to provide pointers and advice.

Could this be a valid Google Summer of Code project?

I am about to write a proposal for this summer; my idea was related to semantic file systems (in a way to combine my interest in kernel hacking to my current research interest in information retrieval) and I am still reading background literature about that.

If there is interest from the community, SEBSD/TrustedBSD would be another area I would like to work on. In the past I worked a bit (at a hobbyst level) with SELinux and I have a background in security and (linux) kernel hacking.

In both cases I am interested in working on FreeBSD during the summer with or without a Google's grant.

Yes, I think this would be a good GSoC project, although it is quite large so I think you'd need to break it up into parts and plan not to complete all of them in one summer. I think the first step would be to slide the current SEBSD port forward to a newer FreeBSD version, then work towards updating the SEBSD parts from new Linux parts. It would also be worth chatting with NSA (et al) about whether non-GPL'd kernel parts are available. I know there's some on-going OpenSolaris porting work, and CDDL and GPL mix like water and oil, as I understand it, so there may be. I would be happy to lend technical advice to a project to do the above updates, and I suspect more hands would turn up once someone was clearly driving things forwards, GSoC project or not.

The advice I'm giving all students, btw, is that if you're submitting a proposal based on one of our project ideas on the web page, consider submitting multiple proposals, as in previous years we've found ourselves having to pick just one of several promising students because they all picked the same idea and there was really room for only one instance of the project. Since you're talking about proposing ideas not on the list, that caution probably doesn't apply in the same way, but submitting multiple proposals (given enough time invested in each) likely will improve the chances that we can select you.

Thanks,

Robert N M Watson
Computer Laboratory
University of Cambridge_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"