> se alguem tiver interessado... > > Jean > > Begin forwarded message: > >> From: "Robert N. M. Watson" <robert.wat...@cl.cam.ac.uk> >> Date: 6 October 2010 15:50:29 GMT+01:00 >> To: cl-security-resea...@lists.cam.ac.uk >> Subject: Kylin kernel source code now online >> >> For those interested in secure operating systems, or even possibly >> secure operating systems, the Kylin kernel source code is now online: >> >> http://code.google.com/p/kylin-2 >> >> For those who don't follow Schneier et al, Kylin is a FreeBSD-derived >> operating system developed for use by the Chinese military. It was >> forked in around 2004/2005, as far as I know, but contains significant >> enhancements since then. A talk was given on Kylin at EuroBSDCon in >> Milan a few years ago, I can see if I can dig up the paper if folks are >> interested. >> >> I was interested to see that they appear to make moderate use of the MAC >> Framework, a reference monitor I designed as part of DARPA work about >> ten years ago. They have a different implementation of security event >> auditing than the version I did for Mac OS X and FreeBSD, however >> (presumably due to branching before that went into FreeBSD), and also >> don't have the fine-grained privilege work I did for nCircle that made >> its way back into FreeBSD. >> >> Among MAC models, they have what appears to be a LOMAC-derived data >> tainting model, although I've not looked closely at the specifics of the >> policy so may be misreading. They've also adapted a version of FLASK/TE >> that my team developed at NAI Labs, based on the version from SELinux; >> this didn't make it into mainstream FreeBSD, but does appear to have >> found a home in Kylin. >> >> There's probably quite a few interesting things to say here if someone >> has to time to do a more serious analysis. >> >> Robert > > ------------------------- >
Complementando sobre o (ripadão) Kylin. Pegaram um FreeBSD descontinuado, alteraram alguns valores de parâmetros em "vers.c" e compilaram, dando assim "novo nome ao boi". http://www.fug.com.br/historico/html/freebsd/2009-05/msg00349.html Saudações, Trober - - - - - ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
