Subject: Re: Integrating securelevel and kauth(9)
To: Robert Watson <>
From: Daniel Carosone <>
List: tech-kern
Date: 03/29/2006 07:36:46
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Mar 28, 2006 at 05:36:41PM +0000, Robert Watson wrote:
> If anyone interested in this discussion is going to be at BSDCan, it woul=
> be great to have a BOF session on pluggable security frameworks.  Having=
> done work with a number of them (RSBAC, LSM, FLASK, TrustedBSD MAC=20
> Framework, kauth), I feel like I have something to say on the topic, but=
> also feel the last word hasn't yet been said -- these frameworks all have=
> different properties, making some things easier, and some things harder. =
Thankyou very much for your insightful and constructive
contributions. You bring perspective not only from practical
implementation and deployment, but also simply of the "bigger picture"
a suitable distance from the tangle of the immediate discussion.  This
wisdom is VERY welcome indeed.

I'm quite sure there's interest and value in commonality in these
frameworks; in addition to the pros and cons of each, the complexity
of the landscape weakens the chances of success for any of them.

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.4.2 (NetBSD)