SEBSD: Security-Enhanced BSD
Port of NSA's FLASK Architecture and TE Policy to FreeBSD using the TrustedBSD MAC Framework
Under contract to DARPA/SPAWAR, SPARTA is adapting NSA's FLASK Architecture and Type Enforcement policy implementation from SELinux to run on the open source FreeBSD operating system. This project builds on prior SPARTA research to improve the security of the FreeBSD operating system with the TrustedBSD Project, including the MAC Framework security extension environment, which permits the extension of the operating system access control policy.
The SEBSD implementation is available via the TrustedBSD Project web site. Instructions for access source code and distributions may be found on these web pages. In addition, many of the features required to support SEBSD have been integrated back into the base FreeBSD operating system distribution. A June 2003 technical report, Security-Enhanced BSD, is available on the TrustedBSD documentation web page.
All TrustedBSD-related work performed by Network Associates Laboratories is available under a two-clause Berkeley-style license, which permits broad research and commercial reuse. Modifications to the SELinux components are made available under the GNU Public License (GPL).
Questions and discussion of the SEBSD work may occur on the TrustedBSD mailing lists. Several TrustedBSD mailing lists exist, including an announcement mailing list, general discussion mailing list, audit mailing list, and CVS/Perforce commit mailing list. Mailing list information is available on the TrustedBSD web site.
To contact researchers and developers working on SEBSD, please e-mail ISSO-cboss@sparta.com.