----- Original Message -----
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/secure-chroot.html#AEN1514
>
> > 3.5.2 POSIX®.1e Process Capabilities
> >
> > POSIX® has released a working draft that adds event auditing, access
> > control lists, fine grained privileges, information labeling, and
> > mandatory access control.
> >
> > This is a work in progress and is the focus of the TrustedBSD
> > <http://www.trustedbsd.org/> project. Some of the initial work has been
> > committed to FreeBSD-CURRENT (cap_set_proc(3)).
http://www.freebsd.org/cgi/man.cgi?query=cap_set_proc&apropos=0&sektion=0&manpath=FreeBSD+9-current&format=html

Looks like this documentation is from utopia :)

> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac.html
>
> > FreeBSD 5.X introduced new security extensions from the TrustedBSD
> > project based on the POSIX®.1e draft. Two of the most significant new
> > security mechanisms are file system Access Control Lists (ACLs) and
> > Mandatory Access Control (MAC) facilities.

http://www.freebsd.org/cgi/man.cgi?query=mac&sektion=3&apropos=0&manpath=FreeBSD+8.2-RELEASE

The MAC framework is comparable to SELinux (not AppArmor) and not quite what
we're looking for, I suppose. MAC, or any MLS (Multi-Level Security), is
generally controlled by the administrator, and the program executing within
its limits has no say. Which is the whole point, really.

Dropping privileges, we go the other way around: we're granted more
privileges than we need, and drop to the set of privileges that our
execution requires.

Googling, I just found something:
http://wiki.freebsd.org/201105DevSummit/Capsicum

It appears this will be supported in FreeBSD 9.0 aaand a whitepaper! (haven't
read it yet)
http://www.usenix.org/events/sec10/tech/full_papers/Watson.pdf

i

--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.ga...@brainsware.org
URL: http://brainsware.org/
GPG: 571B 8B8A FC97 266D BDA3 EF6F 43AD 80A4 5779 3257
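A worked illustration of the "granted more than we need, then drop to what execution requires" direction that the message contrasts with MAC. This is an added example, not code from the thread, from FreeBSD or from the Capsicum project, and it uses only portable POSIX calls so it runs on Linux as well. The identity drop (setgroups/setgid/setuid in the right order, then verifying the drop is one-way) is the standard pattern; the resource "seal" via RLIMIT_NOFILE is an assumed, crude stand-in for what Capsicum's cap_enter(2) does properly, and is labelled as such in the comments. The target uid/gid 65534 is a constructed choice for the demo, used only when the process starts as root.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1
#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed demo target: an unprivileged uid/gid to drop to when we start
 * as root (65534 is "nobody"/"nogroup" on most Linux systems; adjust as
 * needed). When not root we can only "drop" to the ids we already hold. */
static uid_t demo_uid(void) { return geteuid() == 0 ? (uid_t)65534 : getuid(); }
static gid_t demo_gid(void) { return geteuid() == 0 ? (gid_t)65534 : getgid(); }

/* Step 1: shed the identity we do not need. Order matters: supplementary
 * groups and the gid must go while we are still root, because an
 * unprivileged process cannot change them afterwards. Returns 0 on success,
 * -1 on any failure or if the drop turns out to be reversible. */
int drop_to(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(0, NULL) != 0)   /* only root may call it */
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify the real and effective ids actually changed. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    /* A correct drop is one-way: regaining root must now fail (EPERM). */
    if (uid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Step 2: shed the ability to acquire new resources. Assumed, portable
 * stand-in for Capsicum's cap_enter(2): after this, open() fails with
 * EMFILE, but descriptors obtained beforehand keep working. Lowering the
 * hard limit as well makes it irreversible for an unprivileged process. */
int seal_fd_table(void)
{
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_NOFILE, &rl);
}

/* 1 if a fresh open() is now refused with EMFILE, 0 if it still succeeds,
 * -1 if it failed for some other reason. */
int open_is_refused(void)
{
    int fd = open("/dev/null", O_RDONLY);
    if (fd >= 0) { close(fd); return 0; }
    return errno == EMFILE ? 1 : -1;
}

/* The whole sequence in the order a daemon would use it: acquire what the
 * job needs, then drop identity, then seal. Returns 0 on success; each
 * failure point returns a distinct negative code for diagnosis. */
int run_demo(void)
{
    int sink = open("/dev/null", O_WRONLY);   /* the one resource we need */
    if (sink < 0) return -1;
    if (drop_to(demo_uid(), demo_gid()) != 0) return -2;
    if (seal_fd_table() != 0) return -3;
    if (open_is_refused() != 1) return -4;    /* new resources: denied */
    if (write(sink, "x", 1) != 1) return -5;  /* pre-opened resource: still fine */
    close(sink);
    return 0;
}

int main(void)
{
    int rc = run_demo();
    printf("privilege drop + seal: %s (rc=%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc == 0 ? 0 : 1;
}
```

The point the order makes: everything the program will ever need (here a single descriptor) is acquired while it still holds the broad grant, and each subsequent step removes a class of privilege that the remaining code cannot get back. Capsicum's capability mode formalises exactly this, restricting a process to the descriptors it already holds; the rlimit version above only approximates it and should not be mistaken for a sandbox.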