Go Back   DaemonForums > FreeBSD > FreeBSD Security

FreeBSD Security Securing FreeBSD.

Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st November 2017
hanzer's Avatar
hanzer hanzer is offline
Real Name: Adam Jensen
just passing through
Join Date: Oct 2013
Location: EST USA
Posts: 314
Default MAC vs Jails: Compartmentalization Issues, Factors, and Considerations

Has anyone here built a FreeBSD system with a comprehensive MAC policy?

Assuming a MAC policy was properly designed to compartmentalize many services, how would performance and load compare to a similar system with those same services each compartmentalized via the jail method?

This might be ignorant and far-out beyond the point of being goofy but: Has anyone ever seen a system (is this even possible) with a MAC policy that extends into the graphical user interface in such a way that several desktops could each have a different security context?

Any experience, research, speculation, comments, discussion, etc. could be interesting.
Reply With Quote
  #2   (View Single Post)  
Old 28th November 2017
gpatrick gpatrick is offline
Spam Deminer
Join Date: Nov 2009
Posts: 245

Solaris used to allow that on the desktop with Trusted Extensions. I don't know if FreeBSD extends their MAC framework to the extent Sun Microsystems did. My gut tells me it isn't possible.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
E-commerce set of applications in one or more jails libertas FreeBSD Security 2 4th December 2015 08:11 PM
ezjail, how to remove its /usr/jails irukandji FreeBSD Security 1 26th March 2015 05:45 PM
FreeBSD jails and ezjail DNAeon FreeBSD Security 1 25th January 2010 08:53 AM
Jails for OpenBSD gpatrick OpenBSD Security 12 20th November 2009 03:44 AM
jails, aliasing, router, and dmz? neurosis FreeBSD Security 17 7th November 2008 03:47 AM

All times are GMT. The time now is 12:49 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick