On Fri, Jul 13, 2001 at 07:23:26PM -0400, Matt Block wrote: > Is there a clear list of projects on which help is needed? Matt, you will be thrilled to know that there is. :) A feature from the *BSD kernels that I think would be well-received in the Linux camp is the securelevel stuff. Securelevel does different things between OpenBSD and FreeBSD (the only two I have used, sorry BSDi and NetBSD) but the gist is: no writing to /dev/[k]mem or raw disks, immutable and append-only flags are respected, firewall rules are immutable, and the time can't be set backward. This has been something I have been thinking of doing for a little while now, but it doesn't look like I will have the time any time soon. It seems like a good test of the LSM API -- perhaps in implementing securelevel, some new needs might develop. I'll be happy to let you have the glory if you want to go do it. :) http://www.openbsd.org/cgi-bin/man.cgi?query=securelevel&sektion=7&format=html http://www.freebsd.org/cgi/man.cgi?query=securelevel&apropos=0&sektion=0&manpath=FreeBSD+4.3-RELEASE&format=html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Jul 13 2001 - 16:43:21 PDT