LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Multipath TCP: an overview

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

*BSD "securelevel"

*BSD "securelevel"

Posted Mar 14, 2013 16:39 UTC (Thu) by ThinkRob (subscriber, #64513)
In reply to: *BSD "securelevel" by spender
Parent article: The trouble with CAP_SYS_RAWIO

At the risk of going slightly off-topic (though not much, given the matter at hand), what do you think of FreeBSD's approach to kernel security? I'd be willing to wager you're a fan of the fact that (it seems like) they're a bit more up-front with their security hole disclosure, but what about things like the "secure level" model, jails, capsicum, and other security-oriented features they've introduced -- do you think they're on the right track?

I know the full answer to this is probably not terribly succinct, but I'm just curious to hear what you think, since kernel security is obviously something you're quite passionate about. :)

(Log in to post comments)

*BSD "securelevel"

Posted Mar 20, 2013 9:13 UTC (Wed) by renox (subscriber, #23785) [Link]

Is capsicum actually used in FreeBSD?
AFAIK it's only useful iff programs are ported to use it..

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds