cfd9e12239
- Move includes.nav*.sgml to share/sgml/navibar.ent and
<lang>/share/sgml/nabibar.l10n.ent.
- Move includes.sgml and includes.xsl to
share/sgml/common.ent, share/sgml/header.ent, <lang>/share/sgml/l10n.ent,
and <lang>?share/sgml/header.l10n.ent.
- Move most of XSLT libraries to share/sgml/*.xsl and
<lang>/share/sgml/*.xsl.
- Move news.xml and other *.xml files for the similar purpose
to share/sgml/*.xml and <lang>/share/sgml/*.xml.
- Switch to use a custom DTD for HTML document. Now we use
"-//FreeBSD//DTD HTML 4.01 Transitional-Based Extension", which is
HTML 4.01 + some entities previously pulled via
"<!ENTITY % includes SYSTEM "includes.sgml"> %includes;" line.
The location of entity file will be resolved by using catalog file.
- Add DOCTYPE declearation to XML documents. This makes the followings
possible:
* Use of &foo; entities for SGML in an XML file instead of defining
{$foo} as the same content.
* &symbolic; entities for Latin characters.
- Duplicated information between SGML and XML, or English and
translated doc, has been removed as much as possible.
134 lines
3.4 KiB
Text
134 lines
3.4 KiB
Text
<!DOCTYPE HTML PUBLIC "-//FreeBSD//DTD HTML 4.01 Transitional-Based Extension//EN" [
|
|
<!ENTITY base CDATA "../..">
|
|
<!ENTITY date "$FreeBSD: www/en/projects/mac/index.sgml,v 1.3 2005/10/04 19:43:50 hrs Exp $">
|
|
<!ENTITY title "TrustedBSD MAC TODO list">
|
|
<!ENTITY % navinclude.developers "INCLUDE">
|
|
<!ENTITY % developers SYSTEM "../../developers.sgml"> %developers;
|
|
<!-- Status levels -->
|
|
<!ENTITY status.merge "<font color=orange>Merge required</font>">
|
|
<!ENTITY status.done "<font color=green>Done</font>">
|
|
<!ENTITY status.wip "<font color=blue>In progress</font>">
|
|
<!ENTITY status.new "<font color=red>Not done</font>">
|
|
]>
|
|
|
|
<html>
|
|
&header;
|
|
|
|
<h1>Current Status</h1>
|
|
|
|
<p>This is a TODO list for the TrustedBSD Project. Items are listed in
|
|
their current condition along with an informational note and current
|
|
task handler. This is considered an addendum to the
|
|
<a href="http://www.TrustedBSD.org/">TrustedBSD website</a>.</p>
|
|
|
|
<br>
|
|
<br>
|
|
|
|
<h3>Mandatory Access Control</h3>
|
|
|
|
<table class="tblbasic">
|
|
<tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>devfs(8) changes</td>
|
|
<td>&status.merge;</td>
|
|
<td>&a.rwatson;</td>
|
|
<td>devfs changes to pass complete paths of objects into
|
|
MAC Framework for label initialization.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>Regression tests</td>
|
|
<td>&status.wip;</td>
|
|
<td>&a.trhodes;</td>
|
|
<td>Regression tests should be present for all MAC modules.
|
|
These should exist in /usr/src/tools/regression/security/MODULE_NAME.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>mac_bsdextended(4) first match</td>
|
|
<td>&status.done;</td>
|
|
<td>&a.trhodes;</td>
|
|
<td>The file system firewall capabilities provided by the
|
|
mac_bsdextended(4) security policy module should be
|
|
fixed to honor on a first match basis.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h3>TrustedBSD Audit framework</h3>
|
|
|
|
<table class="tblbasic">
|
|
<tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th></tr>
|
|
<tr>
|
|
<td>STUB TABLE</td>
|
|
<td>--</td>
|
|
<td>--</td>
|
|
<td>--</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h3>Security Enhanced BSD (SEBSD)</h3>
|
|
|
|
<table class="tblbasic">
|
|
<tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>STUB TABLE</td>
|
|
<td>--</td>
|
|
<td>--</td>
|
|
<td>--</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h3>Security-Enhanced Darwin (SEDarwin)</h3>
|
|
|
|
<table class="tblbasic">
|
|
<tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
|
|
</tr>
|
|
<tr>
|
|
<td>Missing hook: chdir() syscall
|
|
<td>--</td>
|
|
<td>--</td>
|
|
<td>--</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<h3>TrustedBSD Documentation Issues</h3>
|
|
|
|
<table class="tblbasic">
|
|
<tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>Consistent module text</td>
|
|
<td>&status.wip;</td>
|
|
<td>&a.trhodes;</td>
|
|
<td>The handbook MAC chapter should use "security policy module"
|
|
consistently as not to confuse users.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>MAC chapter bibliography</td>
|
|
<td>&status.new;</td>
|
|
<td>&a.trhodes</td>
|
|
<td>The handbook MAC chapter should have a bibliography to point
|
|
users to other texts. Robert is going to send Tom a list
|
|
that he thinks would be sufficiant.</td>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td>MAC chapter numeric label descriptions</td>
|
|
<td>&status.wip;</td>
|
|
<td>&a.trhodes;</td>
|
|
<td>The handbook MAC chapter describes the low, equal and high
|
|
labels; however, it should also discuss the numeric label
|
|
settings.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
&footer;
|
|
|
|
</body>
|
|
</html>
|