134 lines
		
	
	
	
		
			3.5 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
			
		
		
	
	
			134 lines
		
	
	
	
		
			3.5 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" [
 | |
| <!ENTITY base CDATA "../..">
 | |
| <!ENTITY date "$FreeBSD: www/en/projects/mac/index.sgml,v 1.1 2004/09/21 06:09:07 trhodes Exp $">
 | |
| <!ENTITY title "TrustedBSD MAC TODO list">
 | |
| <!ENTITY % includes SYSTEM "../../includes.sgml"> %includes;
 | |
| <!ENTITY % developers SYSTEM "../../developers.sgml"> %developers;
 | |
| <!-- Status levels -->
 | |
| <!ENTITY status.merge "<font color=orange>Merge required</font>">
 | |
| <!ENTITY status.done "<font color=green>Done</font>">
 | |
| <!ENTITY status.wip "<font color=blue>In progress</font>">
 | |
| <!ENTITY status.new "<font color=red>Not done</font>">
 | |
| ]>
 | |
| 
 | |
| <html>
 | |
| &header;
 | |
| 
 | |
| <h1>Current Status</h1>
 | |
| 
 | |
| <p>This is a TODO list for the TrustedBSD Project.  Items are listed in
 | |
|   their current condition along with an informational note and current
 | |
|   task handler.  This is considered an addendum to the
 | |
|   <a href="http://www.TrustedBSD.org/">TrustedBSD website</a>.</p>
 | |
| 
 | |
| <br>
 | |
| <br>
 | |
| 
 | |
| <h3>Mandatory Access Control</h3>
 | |
| 
 | |
| <table border=1 width="100%">
 | |
|   <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
 | |
|       </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>devfs(8) changes</td>
 | |
|     <td>&status.merge;</td>
 | |
|     <td>&a.rwatson;</td>
 | |
|     <td>devfs changes to pass complete paths of objects into
 | |
| 	MAC Framework for label initialization.</td>
 | |
|   </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>Regression tests</td>
 | |
|     <td>&status.wip;</td>
 | |
|     <td>&a.trhodes;</td>
 | |
|     <td>Regression tests should be present for all MAC modules.
 | |
| 	These should exist in /usr/src/tools/regression/security/MODULE_NAME.</td>
 | |
|   </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>mac_bsdextended(4) first match</td>
 | |
|     <td>&status.done;</td>
 | |
|     <td>&a.trhodes;</td>
 | |
|     <td>The file system firewall capabilities provided by the
 | |
| 	mac_bsdextended(4) security policy module should be
 | |
| 	fixed to honor on a first match basis.</td>
 | |
|   </tr>
 | |
| </table>
 | |
| 
 | |
| <h3>TrustedBSD Audit framework</h3>
 | |
| 
 | |
| <table border=1 width="100%">
 | |
|   <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th></tr>
 | |
|   <tr>
 | |
|     <td>STUB TABLE</td>
 | |
|     <td>--</td>
 | |
|     <td>--</td>
 | |
|     <td>--</td>
 | |
|   </tr>
 | |
| </table>
 | |
| 
 | |
| <h3>Security Enhanced BSD (SEBSD)</h3>
 | |
| 
 | |
| <table border=1 width="100%">
 | |
|   <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
 | |
|       </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>STUB TABLE</td>
 | |
|     <td>--</td>
 | |
|     <td>--</td>
 | |
|     <td>--</td>
 | |
|   </tr>
 | |
| </table>
 | |
| 
 | |
| <h3>Security-Enhanced Darwin (SEDarwin)</h3>
 | |
| 
 | |
| <table border=1 width="100%">
 | |
|   <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
 | |
|       </tr>
 | |
|   <tr>
 | |
|     <td>Missing hook: chdir() syscall
 | |
|     <td>--</td>
 | |
|     <td>--</td>
 | |
|     <td>--</td>
 | |
|   </tr>
 | |
| </table>
 | |
| 
 | |
| <h3>TrustedBSD Documentation Issues</h3>
 | |
| 
 | |
| <table border=1 width="100%">
 | |
|   <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
 | |
|   </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>Consistent module text</td>
 | |
|     <td>&status.wip;</td>
 | |
|     <td>&a.trhodes;</td>
 | |
|     <td>The handbook MAC chapter should use "security policy module"
 | |
| 	consistently as not to confuse users.</td>
 | |
|   </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>MAC chapter bibliography</td>
 | |
|     <td>&status.new;</td>
 | |
|     <td>&a.trhodes</td>
 | |
|     <td>The handbook MAC chapter should have a bibliography to point
 | |
| 	users to other texts.  Robert is going to send Tom a list
 | |
| 	that he thinks would be sufficiant.</td>
 | |
|   </tr>
 | |
| 
 | |
|   <tr>
 | |
|     <td>MAC chapter numeric label descriptions</td>
 | |
|     <td>&status.wip;</td>
 | |
|     <td>&a.trhodes;</td>
 | |
|     <td>The handbook MAC chapter describes the low, equal and high
 | |
| 	labels; however, it should also discuss the numeric label
 | |
| 	settings.</td>
 | |
|   </tr>
 | |
| </table>
 | |
| 
 | |
|     &footer;
 | |
| 
 | |
|   </body>
 | |
| </html>
 |