On Thu, 8 Nov 2007, Andrea Campi wrote:

> On Wed, Nov 07, 2007 at 10:20:28PM -0500, dexterclarke@Safe-mail.net wrote:
>
>> I'm considering developing a policy/module for TrustedBSD loosely based on
>> the systrace concept - A process loads a policy and then executes another
>> program in a sandbox with fine grained control over what that program can
>> do.

> ...
>> Please note that the 'policy' given on the command line is purely for the
>> sake of example, no syntax or semantics have been decided upon.

>
> Can't comment on the implementation or wider issues, but if you pursue this,
> please have a look at how MacOS Leopard does it (Seatbelt). Would be nice to
> converge on both syntax (a Schema dialect) and tools names / command line
> args--or if converging is not possible, at least know where and why and make
> a conscious decision.
FYI, Seatbelt is based on the Mac OS X port of the TrustedBSD MAC Framework,
which while it has some significant changes (some now present in the 8-CURRENT
branch of FreeBSD), may well be a good starting point. Last I checked, the
source for Seatbelt wasn't yet available, but there was hope it would be
available in the near future. A port of the policy to FreeBSD sounds like it
would be very interesting to do, and might provide a nice starting point
rather than having to write up a policy from scratch.

Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
freebsd-hackers@freebsd.org mailing list
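To make the "load a policy, then constrain what a program may do" idea concrete, here is a small Python evaluator for a policy written in a made-up s-expression syntax that only loosely resembles Seatbelt's. It is an added example for this thread, not code from the poster, from Apple's Seatbelt, or from the TrustedBSD MAC Framework; the operation names, filter forms and sample policy are constructed for illustration. It shows three choices a policy design has to make explicit: a default decision (here default deny), an ordering rule (here the last matching rule wins, so a narrow deny written after a broad allow overrides it), and path canonicalisation before matching, without which a `subpath` filter is bypassed by `..` components.

```python
"""Toy evaluator for a sandbox policy in a Seatbelt-like s-expression syntax.

Added example, not the thread's or any real sandbox's code. The syntax
(allow/deny, operation patterns ending in '*', 'literal' and 'subpath'
filters) is an assumption modelled loosely on SBPL, not a real grammar.
"""

import os
import re

# Constructed sample policy (hypothetical syntax).
SAMPLE_POLICY = """
(version 1)
(deny default)
(allow file-read* (subpath "/usr/lib"))
(allow file-read* (literal "/etc/passwd"))
(allow file-write* (subpath "/tmp/sandbox"))
(deny file-write* (literal "/tmp/sandbox/keep"))
(allow network-outbound (literal "/var/run/syslog"))
"""

TOKEN_RE = re.compile(r'\(|\)|"[^"]*"|[^\s()"]+')


def tokenize(text):
    """Split policy text into parens, quoted strings and bare symbols."""
    return TOKEN_RE.findall(text)


def parse(tokens):
    """Turn the token list into nested Python lists, one per top-level form."""
    forms = []
    stack = [forms]
    for tok in tokens:
        if tok == "(":
            new = []
            stack[-1].append(new)
            stack.append(new)
        elif tok == ")":
            if len(stack) == 1:
                raise ValueError("unbalanced ')'")
            stack.pop()
        elif tok.startswith('"'):
            stack[-1].append(tok[1:-1])  # quoted string literal
        else:
            stack[-1].append(tok)
    if len(stack) != 1:
        raise ValueError("unbalanced '('")
    return forms


class Rule:
    def __init__(self, decision, op, filters):
        self.decision = decision      # True = allow, False = deny
        self.op = op                  # e.g. "file-read*" or "process-exec"
        self.filters = filters        # list of (kind, path); empty = any target

    def matches_op(self, operation):
        if self.op.endswith("*"):
            return operation.startswith(self.op[:-1])
        return operation == self.op

    def matches_path(self, path):
        if not self.filters:
            return True
        if path is None:
            return False
        for kind, arg in self.filters:
            if kind == "literal" and path == arg:
                return True
            base = arg.rstrip("/")
            if kind == "subpath" and (path == base or path.startswith(base + "/")):
                return True
        return False


class Policy:
    def __init__(self):
        self.default = False  # default deny unless the policy says otherwise
        self.rules = []


def load_policy(text):
    """Build a Policy from policy text; rejects forms the toy does not know."""
    policy = Policy()
    for form in parse(tokenize(text)):
        head = form[0]
        if head == "version":
            continue
        if head not in ("allow", "deny"):
            raise ValueError("unknown form %r" % (head,))
        decision = head == "allow"
        if form[1] == "default":
            policy.default = decision
            continue
        filters = []
        for f in form[2:]:
            if not (isinstance(f, list) and len(f) == 2 and f[0] in ("literal", "subpath")):
                raise ValueError("unsupported filter %r" % (f,))
            filters.append((f[0], f[1]))
        policy.rules.append(Rule(decision, form[1], filters))
    return policy


def check(policy, operation, path=None):
    """Decide an operation. The path is canonicalised lexically first; a real
    kernel policy would match on the resolved object, not on a string."""
    if path is not None:
        path = os.path.normpath(path)
    decision = policy.default
    for rule in policy.rules:          # last matching rule wins
        if rule.matches_op(operation) and rule.matches_path(path):
            decision = rule.decision
    return decision


if __name__ == "__main__":
    p = load_policy(SAMPLE_POLICY)
    for op, target in [("file-read-data", "/usr/lib/libc.so"),
                       ("file-write-data", "/tmp/sandbox/../../etc/passwd"),
                       ("process-exec", "/bin/sh")]:
        print(op, target, "->", "allow" if check(p, op, target) else "deny")
```

The evaluator is a string-level model only; the FreeBSD MAC Framework hooks the kernel's own access-control checks, so a port of a Seatbelt-style policy would apply these decisions at the vnode, socket and process level rather than by inspecting path strings.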