The isolate utility [LWN.net]

The isolate utility

Posted Jan 7, 2010 15:13 UTC (Thu) by drag (subscriber, #31333)
In reply to: The isolate utility by trasz
Parent article: The isolate utility

The only mention of MAC stuff in FreeBSD's documentation is this
'TrustedBSD' stuff

http://www.freebsd.org/doc/en/books/arch-handbook/mac.html

Which is the port of Flask/SELinux from Linux to Darwin to FreeBSD.

What am I missing here?

----------------

Also the above people mis characterized SELinux as being the 'one true
framework' or whatever. There is, of course, SMACK (in since 2.6.25) and
Tomoyo, which is in since 2.6.30. Both of which are designed to be much
simpler for administrators and such to deal with.

Redhat and Fedora, of course, still focus on SeLinux, of course. Probably
because it's the most full featured solution so far and they want to meet
the requirements for a certain subset of Redhat's customers.

(Log in to post comments)

The isolate utility

Posted Jan 7, 2010 21:21 UTC (Thu) by martinko (guest, #62862) [Link]

MAC is no Flask/SELinux -- please read better!

http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook...

Also you may want to educate yourself what really TrustedBSD is and about it's affiliation with FreebBSD.

;-)

The isolate utility

Posted Jan 18, 2010 11:26 UTC (Mon) by trasz (guest, #45786) [Link]

FreeBSD MAC, implemented as part of TrustedBSD and ported to Darwin/MacOS X,, is not a port of SELinux - it's a MAC framework and a set of modules implementing policies. Port of SELinux would be just another policy module.