[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
[tcf-dev] Mandatory Access Control support in TCF
|
Hello,
I am a new comer on this list and I am looking for the best solution to
add the support off some common security mechanisms to TCF.
I am hoping to get some advise from people who know that code well and
might have ideas on what would be the best implementation model.
I would like to start by a Mandatory Access Control such as SE Linux or
Smack, then I would like to look at and Integrity enforcement such as
IMA and container support.
The support of those type of security faciilities will require to extend
some services in particular the 'File System Service' and the 'Run
Control Service' to support the additional file extended attributes used
by MAC and the increased complexity of attaching ptrace to a service
running in a bespoke security context.
Obviously, we do not want to create patches but rather an extension
which can be configured to support various model of MAC (at least Smack
and SE Linux sto start with).
Thanks in advance for your help.
--
Dominig ar Foll
Senior Software Architect
Open Source Technology Centre
Intel SSG
