Subject: Re: SE Linux vs SE NetBSD !!
To: Todd C. Miller <>
From: Travis H. <>
List: tech-kern
Date: 08/24/2006 20:03:52
On 8/23/06, Todd C. Miller <> wrote:
> > Why dont have SE extensions ported to NetBSD??? Any idea of porting
> > for NetBSD??? IMHO its a great idea!!!


> Note that the kernel side of things is only one part of it.  You
> still would need to write a security policy for NetBSD (or adapt
> the existing Linux one) in the SELinux policy language which is no
> small feat.

I'd like to see MAC ported to NetBSD, but in the meantime it appears
that Elad is diligently working on a more granular securelevel and
integration with kauth, which accomplishes much of the same thing;
IIUC basically securelevel is designed to prevent persistent changes
to the critical files that control initial boot, so that a reboot can
get you into a trusted state.

For more info, see the threads here:
"If you're not part of the solution, you're part of the precipitate."
Unix "guru" for rent or hire -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484