Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
BSD Operating Systems

$1.2M DARPA Contract for FreeBSD Security 90

Posted by AilleCat from the return-to-the-hey-day dept.
NAI Labs has been awarded a $1.2 million contract for FreeBSD security development. The main focus for this contract is to develop the TrustedBSD security extentions. The name of the project is CBOSS, (Community Based Open Source Initiative), led by Robert Watson and Lee Badger, and such developers as Kirk McKusick, Poul-Henning Kamp, Jonathan Lemon, and Eivind Eklund will work on it as subcontractors. I am excited over the news; the press release can be found at NAI Labs' CBOSS website.
This discussion has been archived. No new comments can be posted.

$12.M DARPA Contract for FreeBSD Security More

$12.M DARPA Contract for FreeBSD Security

Comments Filter:

  • Re:Bound to piss off MS (Score:1)

    by Anonymous Coward
    Dunno, Microsoft seems to like it when BSD-licensed code is done by research institutions (such as universities, or, apparently, NAI Labs). Didn't Balmer (or someone) post about a "life cycle" for computer science stuff, we're it's developed under funded research at a university, goes open source, and is then integrated into the main stream? (that's what happened with the BSD IP stack, among other things, which Microsoft now admits they use).

  • Re:Sounds good (Score:1)

    by Anonymous Coward
    NOT!

    >There is nothing wrong with selling your software, but open-source is a great
    >way to make best use of public money since the public benefits as well as the
    >goverment agency.

    I would only agree to that if the license was public domain. The problem with others
    (gpl etc..) is that its not really that free. Sure you can get to it, see it,
    but not use it however you like. Governments using GPL code would have to release their
    application code to be compliant with the license, I don't think so. I think anything
    other than public domain is not free. I think government should not fund any endeavor under
    any other license than public domain.

  • Re:FreeBSD monopoly power??? (Score:1)

    by Anonymous Coward
    So you make remarks like "holes in ships", and add in no actual content - looks like a troll here, only this one likes OpenBSD instead of linux.

    Anyways, exactly how many FreeBSD base system exploits have you seen in the last few years? Probably 2 or 3. The same is true for OpenBSD, they just keep that ridiculous claim up on their web page because the base system OpenBSD ROOT EXPLOITS happen to have been local exploits, or in features that are turned off by default (read: ftpd). People think OpenBSD is oh-so-secure because of Theo's ability to trim the base system down to nothing (geez, procfs doesn't even come mounted be default), and then his ability to hype. The big exploits come from the software you use to actually do things - web servers, databases, etc - very few modern exploits are the fault of the base system.

    So, install OpenBSD on your box and put it on the net, and it will be secure. Until you put the software you need on it, and then it will be "just as insecure" as FreeBSD, which is a very manipulative statement.

  • GPL Cancer will benefit. (Score:1)

    by Anonymous Coward

    How long before Linus and his Merry Hacks start to suck in the TrustedBSD code and stamp it with their crappy "GPL" license.

    Hell, anything that works in Linux is a rip from BSD, even Slashdot's own slashnet servers run on FreeBSD. Linux wasn't up to the task.

  • Re:I'm in shock (Score:2)

    by Anonymous Coward
    Cute troll... As a member of the BSD development team, I'd be happy to point out that: a) BSD doesn't have kernel pthread support, they use a Schedular Activation-based model in FreeBSD 5, and a user thread model in FreeBSD 4. b) They don't make people sign NDA's. Amazing how one person can fit so many useful technical words into a comment and have the result being so warped from reality.

  • Re:Government contracted open source? (Score:3)

    by Anonymous Coward on Monday July 09, 2001 @08:57AM (#97378)
    Actually, it seems more likely the government is getting a great deal: by making the results open source, they'll get great technology transfer, and the developers do this stuff as volunteers anyway, so they're dedicated to doing it right, and will work outside their normal work day if they need to. It's hard to imagine a better pool of workers :-).

  • Re: OpenBSD (Score:4)

    by Anonymous Coward on Monday July 09, 2001 @12:32PM (#97379)
    OK people who think it should be OpenBSD and not FreeBSD, you have to understand some basic concepts before you even talk.

    FreeBSD approaches security /much/ differently then OpenBSD,

    OpenBSD audits their code and tries to remove every single bug before they release, they also improve cryptography preformance and support alot of ccrypto accelerated hardware, as well as basing much of their security on strong cryptography

    FreeBSD, on the other hand looks for bugs and tried to eliminate them of course, but it is not it's main focus, and it is not its appraoch to security. What they do is have alot of security /features/. For example FreeBSD has kernel secure levels (-1, 0, 1 etc) that you can set to decide how secure you would like your kernel to operate, for example on higher security levels you can not open up /dev/mem or /dev/kmem for writing and other things, while on lower security levels you can do pretty much what a regulat OpenBSD or NetBSD can do by default.

    Second off, Robert Watson (the guy who started TrustedBSD) is a core FreeBSD developer, and his chief job as a FreeBSD developer is security. OpenBSD has their ideas that they put into their OS, and this was just one of FreeBSD's idea's, he decided it would be nice to give FreeBSD Trusted OS extentions so he started developing it, he said many times on the TrustedBSD website that he was a FreeBSD developer and this project was a FreeBSD project, he said he is trying to make it as portable as possible and OpenBSD might be able to adopt it if they choose, but they have showed signed that they do not want to go this route with OpenBSD

    So basicly the only reason the TrustedBSD might seem like a seperate project is because they are merging it into the FreeBSD kenrel /very slowly/ and carefully, they are adding TrustedBSD extentions, much improved SMP support (fine grained locking), and Kernel threads all at the same time, so they have to be careful and think before acting/commiting,

    TrustedBSD never had a chance at being used on OpenBSD since it was started by a FreeBSD core team member who was in charge of FreeBSD security, and because it was a FreeBSD project all along

    So FreeBSD will continue to take the security appraoch of fixing as much bugs as is practical to them, they will probably not spend years going through code looking for bugs like OpenBSD but they will add advanced security features

    OpenBSD will probably continue along the same development model they are now with security in the Base system

    As far as the port system goes you can't expect FreeBSD to secure every port, there are more than 5,500 piece of 3rd party software in the ports! if you think the program in unsecure don't install it

    thanks

    -Lional Will

  • Re:Sounds good (Score:3)

    by jandrese ( 485 ) <kensama@vt.edu> on Monday July 09, 2001 @09:54AM (#97380) Homepage Journal
    Arrr! I've been trolled!

    Anyway, if you have some Public Domain OS in mind, I'd love to hear about it. The BSD license is just about as close to Public Domain as you can get, with the only major restriction being that you can't simply grab the code and claim you wrote it (under the assumption that the other party has never heard of the code before).

    So you have to give credit to the people who wrote the code (and not even in your advertising, just in the code itself). What more do you want?

    Down that path lies madness. On the other hand, the road to hell is paved with melting snowballs.
  • $500/line of code?
    $2000/compile?

    Gotta love the government dole!

    Just kidding. I think this is a good thing that can only enhance the impact of open source software.


    Chas - The one, the only.
    THANK GOD!!!
  • Actually I'm not a direct subcontractor - my employer (ThinkSec [thinksec.no]) is, but I will be the person mostly working on it, playing ball with my coworker and fellow FreeBSD [freebsd.org] committer, Dag-Erling Smørgrav, as appropriate.

    Eivind.

  • Re:The future of root (Score:3)

    by ocie ( 6659 ) on Monday July 09, 2001 @09:22AM (#97383) Homepage
    My question is how is this really different from sudo? I have always thought that the root account (if only used by a very select few) was a good idea. Which security system do you trust more, the one with fewer more restrictive rules, or the one with more rules. It seems to me that as the number of rules increases, the possibility of someone being allowed to do something they shouldn't increases. See Dr. Strangelove.
  • Could it be because Theo is a Canadian with beady little eyes?

    Yes. Definitely a commie. ;-)

  • There was a slash dot article around usenix time saying that openbsd got some money too.

  • Re:It should be 1.2 million (Score:4)

    by mph ( 7675 ) <mph@freebsd.org> on Monday July 09, 2001 @09:04AM (#97386)
    no one writes 12. million.

    Not even Fortran programmers?

  • the government should take advantage of and improve public property whenever possible



    That's why they're using a BSD licensed OS and not a GPL licensed OS, BTW

  • You are either trolling or uninformed.

    "Trusted" is just marketing language and has no official definition. The official definitions, at least for the US government, can be found in the NSA/NCSC rainbow books [fas.org].

  • http://www.trustedbsd.com/ TrustedBSD [trustedbsd.com] The link was broken when I tried to click it. This is the correct one.

  • Re:The future of root (Score:3)

    by sethg ( 15187 ) on Monday July 09, 2001 @09:33AM (#97390) Homepage
    1. Even if root has access to all of the finer-grained capabilities, the access doesn't work in the other direction. For example, imagine a mail daemon with the capabilities to (a) listen on port 25; (b) write to any subdirectory of /var/spool/mail. In traditional Un*x, that daemon has to run as root, and therefore subverting that daemon lets you do anything root can do. In a system with finer-grained control, subverting the mail daemon might allow an attacker to wipe /var/spool/mail and broadcast spam through port 25, but the rest of the system remains safe, because there's no way for the process formerly serving as the mailer daemon to acquire full root privileges.
    2. I've heard of a trusted Unix variant where the only way to log in as the "security administrator", that system's moral equivalent of root, was to boot the machine in single-user mode. I don't know if TrustedBSD can be configured to work the same way, but if you have a system set up like this, it obviously makes attacks over the network a bit more complicated.

    --
  • Hi!

    > hope that theyroll that code back into
    > FreeBSD for all of us civvies to use

    I work on the CBOSS project, and that's the plan - we want to integrate the good stuff CBOSS produces directly into FreeBSD for everyone to use.

    - Tim Fraser
  • Unfortunatly working for the US Treasury I am only getting about $1 a line (averaged over the past month or so), but things have been really slow here, more debugging than writing fresh new code. But hey, someone has to do it.
  • Why not OpenBSD, I wonder? There gotta be something behind this choice...

    --

  • The thing of it is, even OpenBSD does not really have MAC support. You must have fine grained mandatory access control abilities for all parts of an OS if you want it to be secure, and to work well in a security-centric environment. even NT does this (to what level is debatable, of course. :)

    I've been watching the various projects looking to develop MAC support for *BSD and I'm glad to see the TrustedBSD project actually going somewhere. I received the announce from them just a few minutes ago, oddly enough- slashdot beat me to seeing it even from them. wow.

    Robert Watson knows his stuff, though, so this looks promising. I know I'm looking forward to seeing what they come up with; this seems like a much more sensible development strategy for the DoD, as opposed to funding GPL technologies that leave them hamstrung with distribution and reselling issues. I hope to see more projects like this, and hope that they roll that code back into FreeBSD for all of us civvies to use.


  • ... anyone with a machine using little endian to write to ...

    So what? Everyone knows that no important data is stored on little endian machines!

    (man, where did that quote come from anyway, I can't find it with google).

  • Re:hmm (Score:4)

    by 12dec0de ( 26853 ) on Monday July 09, 2001 @08:55AM (#97396) Homepage
    I wonder why they did not take OpenBSD as the starting point in the first place? After all, what good is some fance capability if you have not audited the framework to start with.
  • Kinda doubt it. BSD networking works.
    (Although the Windows millenium ftp client does carry a 1983 BSD copyright.)

  • Re:The future of root (Score:4)

    by sugarescent ( 30924 ) on Monday July 09, 2001 @09:27AM (#97398) Homepage

    The solution under TrustedBSD is to delegate the root responsibilities to various executables. I'm not sure what this solves if root still has access to these new executables. Any ideas on how this will be accomplished?

    The main idea is that you'll have a capability (for example) that says "this user can bind to ports numbered lower than 1024" and all executables that require such privileges will be only executable by that user (or some group, or whatever). If you make enough capabilities at a fine-grained level, then you'll be able to limit root's all-knowing, all-seeing power. Obviously this capability isn't a big one, but it's the only one I can quickly recall.

    -sugarescent

  • Well the TrustedBSD extensions are FreeBSD based, Robert Watson is a FreeBSD developer so this makes sense.
  • Information about the contributors to SELinux is here [nsa.gov]. Briefly, the NSA seems to be doing the bulk of the kernel work, while NAI, Secure Computing Corporation, and MITRE are working on utilities, MACs, and policy configurations.
  • NAILabs is actually the old TIS Labs, i.e. the guys who brought us the Firewall Toolkit (when Marcis Ranum was there). They're pretty much a separate group from what I understand. My old boss works there...

  • er -- by partitioning scheme, I mean the parceling out of root capabilities to a number of user accounts, each of which is responsible for (and capable of) only a portion of what we think of as root activities, along with the notion of chroot jail to limit file system visibility.

    I should read more carefully :)

  • Re:The future of root (Score:3)

    by J.Random Hacker ( 51634 ) on Monday July 09, 2001 @09:35AM (#97403)
    Even with sudo, if (by some means, a root kit, say) someone obtains a root shell, the system is at that moment totally vulnerable.

    The idea behind the partitioning setup is that each exploit only grants access to a *part* of the system -- specifically the parts that the particular rootlet has access to. Using chroot for servers even partitions the file system limiting visibility to data.

    IMHO the idea is a good one. It doesn't even make systems more difficult to setup/administer, if well done.
  • MS uses the BSD IP stack [kuro5hin.org]? I don't think that's any more than a rumor. Can you provide a reference to back that up?

    --jb

  • Hello?

    You have "signed an NDA with the BSD dev team"?

    How can you sign an NDA with a "core" (note: "core", not "dev") team, for an OS which is open source? That does not make any sense.

    What on earth are you talking about? BSD/OS? FreeBSD? Open/NetBSD?

    Finally, if there was such a thing as "a longjump right into the kernel" with "full root privileges", this thing would be all over Bugtraq right now... This is BSD, after all. Not some closed-source OS.

    I think you may have a little bit of explaining to do...
  • Does NAI labs have any connection to Bill Nye the Science Guy [buser.net]? If so, will we soon hear about The FreeBSD OS of Science on PBS?
  • I appreciate your comments and the astuteness of your hostility. Would you please explain to me or point me in the right direction of the articles you read to learn about Trusted Operating System features.

    And yes, like most things....I did read it somewhere. The world is what has been presented to you, and that was as far as I had taken my own personal search for secure BSD distributions.

    I probably won't get a reply...so while i'm waiting on nothing i'll begin researching that string of acronyms you presented to me. Thanks for at least giving me a place to start.
  • Funny how DARPA also recently sent a some cash to the OpenBSD camp. With all the buzz of finux recently getting NSA developers to do some Trusted code, It seems interesting to take note of the goverment push to open source alternatives.

    Think of it this way, The US goverment might pay Microsoft, Novel, Sun, and IBM (amongst others) some huge contracts for way more than a measly 1.2 Million Dollars (US).

    I can recall an artical on /. a few years ago where reasearchers at Los Alimos national lab (www.lanl.gov) used the Linux Kernel to create a distributedd parrell-processing computer named Avilon. This thing is used to model atomic reactions (very high computations.)

    The researchers noted in their press releasse that if they had used Compaqs Tru64 Unix, it would have cost them several million dollarts, where the hardware for that project was just under a measly 200K.

    To me, this singnifies a shift in goverment policy. -J
  • Community
    Based
    Open
    Source
    Initiative (Where is the stupid 'S'???)
    Spelling almost as good as /.
  • FYI securelevels/fileflags were invented by 4.4BSD - not FreeBSD - and *every* "still living" BSD does have them.
  • YABA --- Yet Another Bad Analogy
  • This will hopefully help in several areas, especially insecure third-party applications in the ports collection. Quite often the FreeBSD security team sends out warnings about some ports that have a root compromise but is they implement Manditory Access Controls in a Trusted OS, that should cut back on that big time.

    Does anyone know much about all of this? From what I have read before, you can limit access of an application using control lists, but since I have never worked on a system with this feature I have no idea what it can do.

    Good read...
    http://www.securityportal.com/closet/closet20010 50 9.html

    Anybody have an opinion on whether corporations would find FreeBSD to be more viable after these features are in the system?

    I believe that if Microsoft actually follows through with porting .NET to FreeBSD and that if Oracle releases their Oracle client software for FreeBSD, others would follow. It is a solid platform that works very well. The best thing about FreeBSD project is that it is lead by developers, not number crunchers who push out beta code into consumer releases. Perhaps FreeBSD will start getting more credit on it's merits and rise above the buzz that popularized Linux.

    Linux is also a good OS, but when you have companies like Corel and others packaging any half-baked software projects into the distribution you end up with a dis-jointed environment. The opposite is true for MacOS X. Apple took some Open Source (FreeBSD, OpenSSH, etc) and packaged it with code that they wrote (Aqua, Quartz, NetInfo) to create a complete system.

    The fact that Apple should be able to incorporate most of the changes to FreeBSD into Darwin/MacOS X is good news. Apple should add some money to the pot to help take it a little further, perhaps add more more developers and reduce the time it takes to complete some key features.

  • So I was wondering.. Why was it again that they are security "extensions" and not committed directly into FreeBSD? Wouldn't it be wise to develop FreeBSD itself instead of leaving it to the dogs?

    Ah. I see. TrustedBSD claims to have its fingers into too many pieces of code to justify integrating into core FreeBSD. Does no one use CVS branching and merging? Lame!
  • because they're part of the 5.x source, which is about a year off. from the slashdot interview with :

    As you observe, some TrustedBSD features have already been integrated into the base tree, including extended attributes on files, as well as infrastructure support for capabilities, ACLs, and some of the improved abstractions I spoke about above. The plan is to integrate most of the TrustedBSD features into the base operating system distribution over time; some features are more intrusive, as well as more computationally expensive, than others, meaning that some features may be distributed as modules rather than enabled by default. However, it is a definite goal to make all of the work easily available for FreeBSD installations, and under a two clause BSD-style license. Many of these features will appear in FreeBSD 5.0-RELEASE, although they will presumably mature over time.

    slashdot much?
    ben
  • whoops... meant to include the link:
    http://slashdot.org/interviews/01/01/18/1251257. sh tml
  • RIGHT. It's not like BSD is going to have the largest desktop install base of any UNIX in the next several months because of the roll out of OS X. Lack of implemented featurers != dieing. You see the BSD market shrinking, developers running away, etc, then you give us a call.

    F-bacher
  • They meant CBOSSI. That is, Community-Based Open Source Security (CBOSS) initiative, as is indicated in the press release, not Community-Based Open Source initiative (CBOSI).

    F-bacher
  • You can tell that it's a mistake in the title - no one writes 12. million. He just hit his 2 before his period. 12 million would be a lot cooler, but they'll take 1.2 million, I'm sure.

    F-bacher
  • Read the article...

    1.2 Million...
  • If this is opensource and the derivitive worked is protected as such how will this affect Micro$oft's new initiative against open source? Should we assume that they will lag behind in security (as they have proven in their networked history) because they are unwilling to comply with the open nature of the license???
  • This is some pretty cool stuff. Hopefully Open and
    Net BSD will be able to take some of these
    improvements too. I run a webserver on an
    OpenBSD box, and with their model of "Secure by
    default" combined with the ability to finally
    not run apache as a root, this makes me real
    happy. Why? Because I'm not the best PHP
    developer out there, and have been responsible
    for more than my fair share of holes in an
    otherwise secure box for too long.

  • Has anyone else out there found the best way to browse /. articles (especially BSD ones) is to turn the threshold to -1 and scroll down to the bottem... I mean I found some interesting stuff down there... and it is so predictable too...
    • List of gems to find at -1
    • *BSD is Dead
    • *Linux is Dead (*?)
    • First Post
    • Hot Grits (Decremented)
    • Natalie Portman Naked (Decremented)
    Hrmm... this list seems to be shorter than usual.... Well as always I thought I might point out the the "*BSD is Dying post" is the EXACT SAME TEXT as it always is. Do your modding... I don't have karma anyways
  • Well, this project is funded by the military in the US, does that mean that all the good crypto softwares that will be included in the TrustedBSD will not be exported? Then what is the point?

    Is NA going to own the patent of the softwares (whatever that is)? Then again, what is the point?

  • hmm (Score:1)

    by Tairan ( 167707 )
    12 million or 1.2 million? There is quite a difference. I wonder how much of this will fall back down to already ultra-secure BSD versions, such as OpenBSD and NetBSD?
  • Mr. Praline : 'Ello. I wish to register a complaint.
    Mr. Praline : 'Ello, Miss?
    Owner : (turning around, very angry) What do you mean, "miss"?
    Mr. Praline : I'm sorry, I have a cold.
    Mr. Praline : I wish to make a complaint!
    Owner : (hurriedly) Sorry, we're closin' for lunch...!
    Mr. Praline : Never mind that, my lad. I wish to complain about this troll, what I purchased not half an hour ago from this very boutique.
    Owner : Oh yes, the, ah, the BSD is dead... What's, ah... W-what's wrong with it?
    Mr. Praline : I'll tell you what's wrong with it, my lad. It's dead, that's what's wrong with it.
    Owner : No, no, 'e's ah... he's resting.
    Mr. Praline : Look, matey, I know a dead troll when I see one, and I'm looking at one right now.
    Owner : No no, h-he's not dead, he's, he's restin'!
    Mr. Praline : Restin'?
    Owner : Y-yeah, restin.' Remarkable troll, the BSD is dead, isn't it, eh? Beautiful plumage!
    Mr. Praline : The plumage don't enter into it. It's stone dead!
    Owner : Nononono, no, no! 'E's resting!
    Mr. Praline : All right then, if he's resting, I'll wake him up!
    (shouting at the cage)
    'Ello, Polly! Mister Troll! I've got a lovely fresh cuttle fish for you if you wake up, Mr. Troll...
    (owner hits the cage)
    Owner : There, he moved!
    Mr. Praline : No, he didn't, that was you pushing the cage!
    Owner : I never!!
    Mr. Praline : Yes, you did!
    Owner : I never, never....
    (He pulls the troll out of the cage and screams into its ear.)
    Mr. Praline : 'ELLO POLLAAAAAAAY! POLL-EE! POLLY TROLL! WAKE UP!
    (He bangs its head against the store counter, horribly hard.)
    TESTIIIING! TESTIIIING! THIS IS YOUR NINE-O' CLOCK ALARM CALL!
    (He does it again, harder.)
    POLL-EEEEEEE!
    (He tosses it up in the air and watches it plummet to the floor. Longish pause.)
    Now that's what I call a dead troll.
    Owner : No, no.... No, he's stunned.
    Mr. Praline : STUNNED?
    Owner : Yeah! You stunned him, just as he was wakin' up! BSD is deads stun easily, major.
    Mr. Praline : Look my lad, I've had just about enough of this. That troll is definitely deceased, and when I bought it not half an hour ago, you assured me that its total lack of movement was due to it being tired and shagged out after a long squawk.
    Owner : Well, he's... he's, ah... probably pining for the fjords.
    (Praline looks angrily back and forth, stuttering.)
    Mr. Praline : PININ' for the FJORDS? What kind of talk is that? Look, why did he fall flat on his back the moment I got 'im home?
    Owner : The BSD is dead prefers kippin' on its back! Remarkable troll, isn't it, guv, eh? Lovely plumage!
    Mr. Praline : (coldly) Look, I took the liberty of examining that troll when I got it home, and I discovered the only reason that it had been sitting on its perch in the first place was that it had been NAILED there.
    (pause)
    Owner : Well, of course it was nailed there! If I hadn't nailed that troll down, it would have nuzzled up to those bars, bent 'em apart with its little pecker, and VOOM!
    Mr. Praline : "VOOM?"
    (Praline puts the cage down and take the troll into his hands.)
    Mr. Praline : Look matey, this troll wouldn't "voom" if you put four thousand volts through it! It's bleedin' demised!
    Owner : It's not! I-It's pining!
    Mr. Praline : It's not pinin,' it's passed on! This parrot is no more! It has ceased to be! It's expired and gone to meet its maker! This is a late troll! It's a stiff! Bereft of life, it rests in peace! If you hadn't nailed him to the perch he would be pushing up the daisies! Its metabolical processes are of interest only to historians! It's hopped the twig! It's shuffled off this mortal coil! It's run down the curtain and joined the choir invisible! This.... is an EX-TROLL!
    (pause)
    Owner : Well, I'd better replace it, then.
    (He disappears behind the counter.)
    Mr. Praline : (turning to camera) If you want to get anything done in this country you've got to complain 'til you're blue in the mouth.
    (The owner returns.)
    Owner : Sorry guv, we're fresh out of trolls.
    Mr. Praline : I see. I see, I get the picture.
    Owner : (quietly) I-I've got a slug.
    (pause)
    Mr. Praline : (sweet as sugar) Does it talk?
    Owner : Not really, no.
    Mr. Praline : Well, it's SCARCELY A BLOODY REPLACEMENT then, IS IT?
    Owner : Listen, I'll tell you what, tell you what, if you go to my brother's pet shop in Bolton, he'll replace your troll for you.
    Mr. Praline : Bolton, eh?
    Owner : Yeah.
    Mr. Praline : All right.
    (He leaves.)
  • You give the right to modify /etc/passwd to the passwd program instead of giving it to the user 'root'.

    If you then run a daemon as root, and someone finds an exploit in it allowing them to trick it to modify /etc/passwd, it can't even if it has root privileges.

    Even if the hacker finds a root exploit in the daemon, and thus has a root shell, he can't modify /etc/passwd without the passwd program. That means whatever he does, it will get logged - he of course can't delete the log files even if you have a log rotating program doing cleanups, only the log rotation program can do that etc.
  • The BSDL is a whole lot better than GPL, but PD is what it should be.
    Did you ever notice that the BSD license, assuming you using the 2 clause one, grants all the freedoms of public domain software except that you have to include copyright notice. I think all government work should be released under BSD like licenses becase it allows all to benifit from it, just requiring them to give credit.
  • It sounds really good, except that you have to consider which "public" the US Government needs to protect and benefit.

    It seems to me (correct me if I'm wrong) that the US has a higher than average concentration of IP related to computer software. Releasing new code under BSD, GPL, whatever "free"/"open" license they decide to use would dilute that concentration (by making more available to the less concentrated economies), possibly making the US economy not as stable. This may be one reason why politicians are reluctant to support open source software development with public money.

  • Blockqoth the AC, AKA Lional Will:

    For example FreeBSD has kernel secure levels (-1, 0, 1 etc) that you can set to decide how secure you would like your kernel to operate, for example on higher security levels you can not open up /dev/mem or /dev/kmem for writing and other things, while on lower security levels you can do pretty much what a regulat OpenBSD or NetBSD can do by default.

    Ahem. OpenBSD has runlevels [openbsd.org].

    It's also best to remember that security is not a feature set, but rather a process and a frame of mind. OpenBSD is designed to give you a platform which gives you a good start for your security process. An OpenBSD system can be made very insecure, and most any other operating system can be made very secure. One of OpenBSD's goals, however, is to make security a bit easier.

    Besides, should TrustedBSD turn out to be something worthwhile--and it's rather likely it will--there's an excellent chance it'll find its way into the other BSDs. There's a heck of a lot of cross-polination that goes on in the BSD world.

    FreeBSD is very well suited to this kind of research. The other BSDs will benefit, just as all have benefited from OpenSSH, NetBSD's ports....

    b&

  • Not that I expect an AC to check for replies, but the point is, a corporation can take the software at no cost, but if they develop proprietary software on top of that we run the risk of having their value-added version of public goods supplant our public version of the software in popular usage. I realize that they have added value and deserve compensation for same, but there is no reason they should be allowed to build a proprietary product on top of public work, thereby obscuring all of the public portions of that same work.

  • Re:Sounds good (Score:3)

    by ichimunki ( 194887 ) on Monday July 09, 2001 @11:53AM (#97431)
    I think the government should be able to use GPL (especially if there is a GPL piece of software they would like to work with). The original post brought up the point about the government using public money to develop a public resource and likened this to the public parks-- where public money goes to make sure the public has a place to go and do recreational stuff. The only way a corporation can prevent the public from using the park is to buy the park

    The problem with a BSD-ish license is that it allows a private corporation to take advantage of a public resource without any compensation to the public. The libertarians (especially those tools that think corporations deserve the same rights as people) will argue that the corporation has theoretically paid taxes and therefore has as much right to the public resource as it needs. But when/if a corporation takes that public good and uses it to further their private development (and does not pass along the public resource in the same form they received it), then they have been given a freebie at the expense of society.

    If we are going to give away public resources, we should be aware of it. And personally I'm against it. The GPL makes certain that a public resource remains a public resource, to which all users have the same right of access.
  • What are the differences? Someone mentioned there's a link to SELinux on the TrustedBSD website. And from reading what's incorporated in TrustedBSD, it seems to me that at first glance it's basically the same thing as SELinux (someone please correct me if this isn't true). They're basically both mandatory access control security overlays for operating systems (the only difference being Linux vs BSD).

    I've worked with SELinux a bit, and (most) everything mentioned on that page is similar (policy file, access control lists, etc) So what I want to know is...what's the difference between the two? (or is there one?)

    Magius_AR

  • Oh, so you're one of these research really sucks, we should all make some big nasty hack instead sort of arse-crack? I mean, I don't exactly know how DARPA grants work, but I know that there are other expenses than pure salaries. Does travel expenses or hardware expenses mean anything to you? Besides, it is pretty common to secure ones back by saying something like: ``Ok, we'll probably manage to pull this off, but will likely discover that there still are some unresolved issues that we might need to work on in the future (of course, if you would like to give us more funding at that time, we would be very thankful).'' Mentioning something like this in an application or press release doesn't really cost very much.

  • Sounds good (Score:5)

    by ageitgey ( 216346 ) on Monday July 09, 2001 @09:05AM (#97434) Homepage
    All slashdot open-source bias aside, this is the perfect example of how the government can use our money to benefit as many people as possible. There is nothing wrong with selling your software, but open-source is a great way to make best use of public money since the public benefits as well as the goverment agency.

    I've got no problem with Microsoft selling to Coke or Ford or whomever, but I think the government should take advantage of and improve public property whenever possible. This is the IP equivelent of public parks that everyone can enjoy and share. Instead of using our taxes to further the causes of private companies, we can use our taxes to improve software for everyone.

  • I have never seen a public parking lot, which I can legally use for any purpose provided that the state gets the "credit where credit is due."
  • ... to make it easier for the Chinese government to pretend they wrote it :-)
  • Heehee, like anyone wants DirectX running on their *server*...

    Well, maybe if it's just a Tribes2 server I guess, but STILL... roflmao.

  • This is a superb troll. Someone mod it as such.

  • For everyone who thinks that they should have used OpenBSD, let me give you a heads up. Whenever you see the work "Trusted" in front of an OS name, it means that that version has been officially certified secure both in design and code audits. Trusted is the highest level of security available and is the only type of OS used for high security work. (Think FBI and CIA) Another example besides TrustedBSD [trustedbsd.com] is Trusted Solaris [sun.com].

    As for FreeBSD being the base for TrustedBSD, my understanding is that TrustedBSD was started by a branch of the FreeBSD team as thus used FreeBSD. Ok, enough shameless karma horing for today.

  • BSDL vs. GPL argument aside, if they're spending public tax payers dollars, to improve public property, then the code should be released under the public domain. No license is completely free.
  • I'm well aware of the BSD license and how unrestrictive it is. My point was the government should strive to release code under the public domain if it all possible.
  • Gee, thats funny, last I checked you could get OpenBSD for only $30 ;)

    ---------------
  • they didnt necessarily reject them, they just decided to go with BSD authentication instead, which looks a lot better.

    ---------------
  • From the press release: We aim both to target the "low hanging fruit" in Open Source system security, and also to prepare for longer-term research aimed at fundamental security improvements for Open Source software.

    That sounds a lot like "we're going to work on the easy problems and start writing proposals for more grants."

    I've worked on some DARPA grants. "Researchers" seem to expend at least as much effort catering to their project managers and trying to line up their next grant as they do actually taking on the project.

    1.2M / 7people / 1.5 years = ~114K per person per year.
    It looks like they paid paid their salaries (congrats). I hope they spend more time working on security problems than trying to figure out where the next big DOD grant is.

  • The same company that makes the windows anti virus software?

    Why is it everytime I boot my machine the 'virus shield' program is asking to locate the DNS server? This program has no reason to get online.

    Of course I could look at the source, but then they'd find me and throw me in jail for 0wning them.

    Oh, and the network associates whose ftp site is out in the open for any kid that wants full registered flagship software? It's been like that for hmmm... 3 or 4 years now. I'm not going to check though : )
  • It's a shame because you can pick FreeBSD on the shelf at Best Buy and Staples.

    Maybe if it hit Wal-Mart it'll bounce back.

  • Sounds a lot like the way BeOS does things [capabilities]. Too bad that system's going the way of the dinosaurs...
  • Yeah right, conspiracy... funny.
  • It is probably trying to update the engine/virus patterns.
    Ph00l.
  • Unfortunately in Microsoft's eyes, thats all Open Source code... look I'll be the first to admit that the GPL is a cancer, virus, etc. That IS how it is meant to be used, giving the progammer some control over something that would otherwise be uncontrolable. I program, and I release my work under the GPL (sorta)... granted these aren't major commercial programs but thats not the point. The point is I don't mind if someone messes with my source code or if they try to make money off of my programs. However what I do mind is that I have no control over my own code, so decidely so I make it so noone has full control over my code, ever. GPL'd code can be commericial, but I wouldn't reccommend it just yet.
  • whoa... sorry... That came out wildly messy... I apologize. What I meant to get at was that Microsoft does infact dislike Open Source example 1 [cnet.com], example 2 [extropia.com]. They dislike the GPL, and I'd imagine no matter how much you elitest shmucks like to disagree they dislike the BSD licences. The only license microsoft likes is its own... get that straight. This isn't a bad thing, hell Microsoft has always been more of a company than software maker.

  • Important to Community... (Score:4)

    by powerlinekid ( 442532 ) on Monday July 09, 2001 @09:23AM (#97452)
    BSD, Linux... we may be different boats but its still the same ocean. So as a linux advocate, anytime something good happens for BSD or any other Open Source initiative its good for the community. And lets face it, this contract is huge for the community... not so much as in oh, well damn the government is going to fund FreeBSD, but as in the govt is going to fund an Open Source project. This is just another step down the road to general public acceptence... what will all of microsoft's FUD matter if Open Source (Linux and BSD) have the Fed, media and hundreds of thousands of brilliant programmers behind it?
  • All slashdot open-source bias aside, this is the perfect example of how the government can use our money to benefit as many people as possible.

    ...but because it's released under the BSD license, not the GPL, it also allows corporations to add a few proprietary features and resell it. Be the corporation NAI or Microsoft.

    This is the IP equivelent of public parks that everyone can enjoy and share.

    I would argue that the GPL would be a park that everyone can enjoy and share, and that the BSD license would be a park that everyone could share except you had to pay a company to access the nicer parts.

    Honestly, this is why Microsoft has been attacking the GPL. They have not been attacking "Open Source", they are attacking government funded GPL'd projects. When the government funds a BSD licensed project, it's no threat to Microsoft, and they can resell the Windows version next year.

    Not that this is a bad thing. But it's food for thought.
  • We implemented MAC (mandatory access controls) in a modified BSD/OS kernel for the Sidewinder Internet Firewall (Secure Computing) product - we adapted a scheme called "Type Enforcement" from earlier work. In essence it is just MAC capabilities and classifications with a very fine grained definition (Sidewinder ultimately had several hundred types).

    In the TE - a principle (generally a unix process but occasionally a packet or device) has it's identity checked against the type of the object it is accessing. One of the privleges is the ability to change the identity and there is a state table of allowed changes - so as mentioned earlier, one key element is that most privlege changes are one way (typically from more to less). Each subsystem had it's own set of types so there was a virtual sandbox for each piece. Psuedo-objects were referenced for things like port numbers - so that a MAC could say things like telnetd can only listen on TCP port 23, but can't connect() at all or listen on other ports.

    We went a step further an implemented totally seperate protocol stacks for inside versus outside so that we could give different privleges to an inside telnetd (such as allowing elevation to administrative privlege) verus and outside one.

    The only form of privlege elevation was a trusted login - which had to be at the console. Even this login didn't acquire full privlege - there was a special diagnostic kernel that had full privlege (but no external networking) that could be used.

    Key points we discovered over the years. One - lack of real root makes you make your software much more robust. If you have to bring down the box to get at certain privleged files you better be pretty stable. The second was how sloppy Unix software is at needing (or at least letting itself be able) to write willy nilly around the world. Without a doubt the hardest part was getting all of the userland subsystems like mail, web, login, logging, etc. to function within their mandatory little sandboxes. It was amazing how much software was sloppy - opening files that need to be read-only as writable, etc. Granted this was 7-8 years ago and things have definitely gotten better - but it still was scary.

    The curious can look at U.S. patents 5,864,683 and 6,219,707. There is the usual crap in there but wade past the claims and read the description and there is good discussion as to the nature of MAC and TE and the types of attacks they help protect against.

    On the plus side Unix is relatively easy to secure in this fashion. File access and network is relatively well isolated. Biggest risk is "aliasing" - different vectors that might bypass the in-kernel access checks such as mmap()ing files, inherting file handles, etc.

    In general having this functionality available in open software cant help but be a good thing.
    --
    Mark

  • Interesting, while looking at this page, I noticed a link for SELinux / NSALinux. Apparently NAI is the developer of this distro? The page at NAI with information concerning their involvement with SELinux / NSALinux may be found here [nailabs.com].

    Perhaps this distro is not as 'corrupt' or biased as initially thought.

  • BSD developers (Score:3)

    by kraf ( 450958 ) on Monday July 09, 2001 @10:48AM (#97456)
    We've seen quite a few of them listed in the blurb, but my favorite one is still Matt Dillon.
    What a multi-talented guy.
  • Could it be because Theo is a Canadian with beady little eyes?

  • The future of root (Score:5)

    by LinuxDeckard ( 457253 ) <linuxdeckard.netscape@net> on Monday July 09, 2001 @09:06AM (#97458) Homepage
    In the introduction white paper [trustedbsd.org] section II.b (Fine-grained System Capabilities), they describe the root account as being a significat source of risk (if you're rooted, you're owned). The solution under TrustedBSD is to delegate the root responsibilities to various executables. I'm not sure what this solves if root still has access to these new executables. Any ideas on how this will be accomplished?

  • Re:hmm (Score:3)

    by dghcasp ( 459766 ) on Monday July 09, 2001 @09:41AM (#97459)
    Perhaps because:

    OpenBSD positions itself as a "Canadian" operating system to get around U.S. gov't regulations and the U.S. gov't doesn't like giving anything to Canada (except acid rain and fugitive criminals.)

    They offered but Theo had one of his Turette-esque attacks during the negotiations and things went downhill from there.

    Easier to convince Kirk to license the BSD daemon for the new $1 bill.

  • Re:hmm (Score:1)

    by pmz ( 462998 )
    What's with these "*BSD is dead" posts? *BSD systems will never die off as long as there are people who appreciate their attributes. Raw market share numbers are not relevant, as Linux and the *BSD systems have different development goals and philosophies that fundamentally affect their raw popularity. Also, I never really got the impression that the free OSs are competing hard for market share, anyway. They are available (for free) to whomever wishes to use them. Posts claiming "*BSD is dead" are nothing more than FUD of the sort produced by M$. The post above reads like a TV infomercial--written to influence the most stupid among us.
  • I have been following the BSD developments for some time and I want to tell them congratualtions. I owe my coding success to them and I have met great success with my company, Algorithims Unlimited Ltd. using the secure methods of BSD. I hope to someday meet with the developers who write such beautifull code to discuss with them maybe some job opportunitues. Again, thank you BSD adn thanks you Slashdot for giving me this beuatiful website to talk to programmers all over the world.

  • Of course, this is the way to stimulate technology and cut the budget. Forbid people to export strong crypto, thus creating a thriving foreign market. Then spend a lot of money to build it yourself, instead of importing free code with rock solid reputation from Canada.

Slashdot Top Deals

Math is like love -- a simple idea but it can get complicated. -- R. Drabek

Close