Subject: Re: The reason for securelevel
To: Gilbert Fernandes <gilbert.fernandes@spamcop.net>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 01/28/2006 19:55:56
Gilbert Fernandes wrote:

> Perhaps the first thing we could start with is the ps command.
> Modify it so a user can only see his own processes and root being
> able to see all of them. Should be implementable without breaking
> everything :)

already done that -- see sysctl knob security.curtain in -current;
it affects ps and netstat for now. search the archives.

> Do you think we should do small changes and prepare something
> bigger like ACL implementation for later ?

"we"? i don't remember seeing any code from you so far. :)

acl is not too hard and is already in the works as part of the
kauth stuff. what we're really lacking is support for extended
attributes in ufs2. again, search the archives.

> There is some interesting stuff in FreeBSD we could use.

like? i already said that as far as security goes there is nothing
in freebsd i'm interested in. search the archives!

> It's
> code, under BSD licence and it would be a good start rather than
> starting from a blank page.

did you look at the bsd-licensed code that is the MAC framework?
what can you use it to achieve? have you not read my opinion on
MAC? MAC is the last thing i want to waste my time (or see others
waste their time) on.

> My knowledge of ACL is close to NULL so I won't be able to help a
> lot there :/

where would you be able to help? (for cases where help means code)

-e.

-- 
Elad Efrat