Re: [patch 2.1.97] more capabilities support

Albert D. Cahalan (acahalan@cs.uml.edu)
Wed, 22 Apr 1998 12:56:35 -0400 (EDT)


>> I believe we were discussing POSIX capabilities, not pure capabilities.
>>
>> I'll mail you about the pure capabilities later, but it appears that
>> they are fairly useless outside of an environment like EROS:
>> persistent system image, long-lived processes, NO FILESYSTEM, and
>> every scrap of data is an object associated with some code.
>
> You haven't even looked at the design:)

I kept asking you for one (in private email)... where is it?

> All the features that you have named are because of a different design
> of the operating system, don't you agree? So isn't it perhaps time that
> we start to consider alternative concepts for mainstream operating
> systems or at least start implementing known solutions to problems that
> our systems have?

It is interesting, and perhaps it is useful for some people.
It is _not_ anything like Linux and can't support basic POSIX
features very well. For example, you have to give up much of
the security and run Unix emulation if you want a real filesystem.
(yeah, no kidding: we get rid of open(2) and just pass fd's around)

>> I hope everyone has seen this by now:
>> http://agn-www.informatik.uni-hamburg.de/people/1ott/rsbac/index.htm
>
> Yes, we have seen it, but the thesis is in German

I thought people were complaining about the web page in German.
I just assumed everybody would grab the code itself, not the thesis.
There is a patch against 2.0.33 and some user-space tools.

Summary:

At every point where security ought to be checked, he collects data
needed for the check and passes it to a general security function.
Most of the kernel gets a black-box view of security. The kernel
maintains a database in /rsbac (on every mount point?) instead of
modifying the ext2 filesystem. (that could be changed) There are a
half-dozen security models implemented on his general framework.

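The dispatch structure summarized in the message above, sketched as an added example that is not part of the original post and is not RSBAC's code. All names (`access_ctx`, `security_decide`, `checked_open`, the two toy models) are hypothetical, and the rule that any single denial denies the request is an assumption the message does not state.

```c
/* Added illustration; every name here is hypothetical, not RSBAC's API. */
#include <stddef.h>
#include <stdio.h>

enum request { R_READ, R_WRITE, R_EXECUTE };
enum decision { GRANTED, NOT_GRANTED };

/* Data gathered at the call site and handed over as one unit. */
struct access_ctx {
    unsigned caller_uid;
    unsigned owner_uid;
    int caller_level;   /* constructed clearance level */
    int object_level;   /* constructed classification level */
    enum request req;
};

typedef enum decision (*model_fn)(const struct access_ctx *);

/* Toy model 1: only the owner may write. */
static enum decision owner_model(const struct access_ctx *c) {
    if (c->req == R_WRITE && c->caller_uid != c->owner_uid) return NOT_GRANTED;
    return GRANTED;
}

/* Toy model 2: no reading above the caller's level. */
static enum decision level_model(const struct access_ctx *c) {
    if (c->req == R_READ && c->caller_level < c->object_level) return NOT_GRANTED;
    return GRANTED;
}

static const model_fn models[] = { owner_model, level_model };

/* General security function. Assumption: one denial denies the request. */
enum decision security_decide(const struct access_ctx *c) {
    if (c == NULL) return NOT_GRANTED;  /* fail closed on missing data */
    for (size_t i = 0; i < sizeof models / sizeof models[0]; i++)
        if (models[i](c) != GRANTED) return NOT_GRANTED;
    return GRANTED;
}

/* Call site: collects the data and asks; it never sees which model decided. */
int checked_open(unsigned uid, int level, unsigned owner, int obj_level,
                 enum request r) {
    struct access_ctx c = { uid, owner, level, obj_level, r };
    return security_decide(&c) == GRANTED ? 0 : -1;
}

int main(void) {
    printf("%d\n", checked_open(1001, 0, 1000, 2, R_READ));
    return 0;
}
```

Adding or removing a model changes only the `models` table; the call sites stay untouched, which is the black-box property the summary describes.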