From owner-freebsd-security@FreeBSD.ORG  Sat Jul  8 10:16:01 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@FreeBSD.org
Delivered-To: freebsd-security@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 8503616A4E1;
	Sat,  8 Jul 2006 10:16:01 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 199DF43D58;
	Sat,  8 Jul 2006 10:16:01 +0000 (GMT)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id BA35E46D00;
	Sat,  8 Jul 2006 06:16:00 -0400 (EDT)
Date: Sat, 8 Jul 2006 11:16:00 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: trustedbsd-discuss@TrustedBSD.org
Message-ID: <20060708111221.M94284@fledge.watson.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-security@FreeBSD.org
Subject: Poll for users: mac_partition and mac_ifoff policies
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Jul 2006 10:16:01 -0000


Dear all,

I'm currently in the process of reviewing the use of the MAC Framework in 
FreeBSD, following meetings at the developer summit about proposed 
simplifications and enhancements.  One of the on-going concerns I have had is 
that several of the policies we ship are reference implementation policies, 
rather than reference user policies:

mac_ifoff	- Interface silencing
mac_partition	- Process space partitions
mac_stub	- Stub MAC policy entry points
mac_test	- Invariants testing

While mac_stub and mac_test are both extremely useful for devleopers as 
shipped, it's not clear to me that mac_ifoff and mac_partition offer 
significantly similar value, and as they are reference policies rather than 
production policies, my leaning is to provide them as downloads on the 
TrustedBSD web site and via p4, but to not ship them with FreeBSD 7.0.  So 
this e-mail is to poll to see if anyone is currently using the mac_ifoff and 
mac_partition policies in production, and would object on those grounds to 
shipping them separately from the base OS.

Robert N M Watson
Computer Laboratory
University of Cambridge