Subject: Re: Integrating securelevel and kauth(9)
To: Robert Watson <rwatson@FreeBSD.org>
From: Daniel Carosone <email@example.com>
Date: 03/29/2006 07:36:46
Content-Type: text/plain; charset=us-ascii
On Tue, Mar 28, 2006 at 05:36:41PM +0000, Robert Watson wrote:
> If anyone interested in this discussion is going to be at BSDCan, it woul=
> be great to have a BOF session on pluggable security frameworks. Having=
> done work with a number of them (RSBAC, LSM, FLASK, TrustedBSD MAC=20
> Framework, kauth), I feel like I have something to say on the topic, but=
> also feel the last word hasn't yet been said -- these frameworks all have=
> different properties, making some things easier, and some things harder. =
Thankyou very much for your insightful and constructive
contributions. You bring perspective not only from practical
implementation and deployment, but also simply of the "bigger picture"
a suitable distance from the tangle of the immediate discussion. This
wisdom is VERY welcome indeed.
I'm quite sure there's interest and value in commonality in these
frameworks; in addition to the pros and cons of each, the complexity
of the landscape weakens the chances of success for any of them.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (NetBSD)
-----END PGP SIGNATURE-----