aboutsummaryrefslogtreecommitdiff
path: root/en_US.ISO8859-1/htdocs/projects/mac/index.sgml
blob: 3deae7acb7e8be2fe0ef1d4cb45f025bcbec765c (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<!DOCTYPE HTML PUBLIC "-//FreeBSD//DTD HTML 4.01 Transitional-Based Extension//EN" [
<!ENTITY base CDATA "../..">
<!ENTITY date "$FreeBSD: www/en/projects/mac/index.sgml,v 1.3 2005/10/04 19:43:50 hrs Exp $">
<!ENTITY title "TrustedBSD MAC TODO list">
<!ENTITY % navinclude.developers "INCLUDE">
<!ENTITY % developers SYSTEM "../../developers.sgml"> %developers;
<!-- Status levels -->
<!ENTITY status.merge "<font color=orange>Merge required</font>">
<!ENTITY status.done "<font color=green>Done</font>">
<!ENTITY status.wip "<font color=blue>In&nbsp;progress</font>">
<!ENTITY status.new "<font color=red>Not&nbsp;done</font>">
]>

<html>
&header;

<h1>Current Status</h1>

<p>This is a TODO list for the TrustedBSD Project.  Items are listed in
  their current condition along with an informational note and current
  task handler.  This is considered an addendum to the
  <a href="http://www.TrustedBSD.org/">TrustedBSD website</a>.</p>

<br>
<br>

<h3>Mandatory Access Control</h3>

<table class="tblbasic">
  <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
      </tr>

  <tr>
    <td>devfs(8) changes</td>
    <td>&status.merge;</td>
    <td>&a.rwatson;</td>
    <td>devfs changes to pass complete paths of objects into
	MAC Framework for label initialization.</td>
  </tr>

  <tr>
    <td>Regression tests</td>
    <td>&status.wip;</td>
    <td>&a.trhodes;</td>
    <td>Regression tests should be present for all MAC modules.
	These should exist in /usr/src/tools/regression/security/MODULE_NAME.</td>
  </tr>

  <tr>
    <td>mac_bsdextended(4) first match</td>
    <td>&status.done;</td>
    <td>&a.trhodes;</td>
    <td>The file system firewall capabilities provided by the
	mac_bsdextended(4) security policy module should be
	fixed to honor on a first match basis.</td>
  </tr>
</table>

<h3>TrustedBSD Audit framework</h3>

<table class="tblbasic">
  <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th></tr>
  <tr>
    <td>STUB TABLE</td>
    <td>--</td>
    <td>--</td>
    <td>--</td>
  </tr>
</table>

<h3>Security Enhanced BSD (SEBSD)</h3>

<table class="tblbasic">
  <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
      </tr>

  <tr>
    <td>STUB TABLE</td>
    <td>--</td>
    <td>--</td>
    <td>--</td>
  </tr>
</table>

<h3>Security-Enhanced Darwin (SEDarwin)</h3>

<table class="tblbasic">
  <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
      </tr>
  <tr>
    <td>Missing hook: chdir() syscall
    <td>--</td>
    <td>--</td>
    <td>--</td>
  </tr>
</table>

<h3>TrustedBSD Documentation Issues</h3>

<table class="tblbasic">
  <tr><th>Issue</th><th>Status</th><th>Responsible</th><th>Description</th>
  </tr>

  <tr>
    <td>Consistent module text</td>
    <td>&status.wip;</td>
    <td>&a.trhodes;</td>
    <td>The handbook MAC chapter should use "security policy module"
	consistently as not to confuse users.</td>
  </tr>

  <tr>
    <td>MAC chapter bibliography</td>
    <td>&status.new;</td>
    <td>&a.trhodes</td>
    <td>The handbook MAC chapter should have a bibliography to point
	users to other texts.  Robert is going to send Tom a list
	that he thinks would be sufficiant.</td>
  </tr>

  <tr>
    <td>MAC chapter numeric label descriptions</td>
    <td>&status.wip;</td>
    <td>&a.trhodes;</td>
    <td>The handbook MAC chapter describes the low, equal and high
	labels; however, it should also discuss the numeric label
	settings.</td>
  </tr>
</table>

    &footer;

  </body>
</html>