TrustedBSD Interview in Boardwatch

Anonymous Coward writes "The September edition of Boardwatch magazine includes an in-depth interview with Robert Watson, a TrustedBSD developer."

  • by Anonymous Coward
    Both of you fellows are quite mistaken about the weed, there!
    Try smoking it sometime, and gain some insight on the non-debilitating nature of marijuana.
  • Hmm.. I give that a 2 out of 10 on the flamebait scale. See, you came right out with the "Windows2000 is better than your OS" flame that has no basis in reality. That's a big minus right there. Also, the gratuitous use of assumed facts ("not better than any of the commercial alternatives by any metric") is also poorly scored. Next time try using some made up figures and facts that give your flamebait more credence. For example, say "Windows2000 achieved the DISA ic9.ca security rating during a recent audit making it the most secure commercial operating system on the market today. OpenBSD and likewise Linux or *BSD has yet to receive the coveted DISA ic9.ca security rating and is therefore not up to par with commercial best practices and alternatives." Thanks for playing but try again next time.
  • any moderator that thinks signal 11's posts are funny must be smoking 3 bowls of weed a day. this guy is LAME!!

    Oh get with it you twit. The traditional retort about moderation is that they should lay off the cheap five dollar crack. 3 bowls of weed a day would probably make them incapable of moderation. Come on, think a little.

    --

  • Clear this up for me... What has he done that's so evil? I read Theo this and Theo that all the time here on slashdot, but no one's ever actually said what makes him so bad?

    Regardless of what you think of him, his code is about the most secure out there these days... And that IS saying something.
  • You may want to look at Capsel [elzabsoft.pl] for linux. I am not sure of its capabilities (no pun intended).
  • ...Theo and the gang just can't play very well with others, and I wonder if this project would be that much cooler if they could?

    Your understanding of the past is horrible son. Who says they all have to cooperate? Maybe the folks working on TrustedBSD never asked them (Theo and the gang)? Or maybe they have different aspects on security?

    IMHO, the work on TrustedBSD is useless. A bunch of security standards the govt put in place which are now 15 years dated.

  • Since the site itself seems slashdotted to an extent.

    http://members.iinet.net.au/~locust/iw-mirror/bw/sep/Unix_Flavor.htm [iinet.net.au]

  • The site seems to be slashdotted, so apologies if I'm just duplicating the article, but OpenBSD is forked from NetBSD whereas TrustedBSD is forked from FreeBSD. The BSD types tend to be zealous enough that getting a TrustedBSD developer to work with NetBSD, or an OpenBSD developer to work from FreeBSD... you'd probably have better luck recruiting Linus Torvalds himself to work on one of the BSD variants :)
  • lol... that's my .sig. :-) I guess I should put those signature delimiter lines in.

    Seriously though, I've used NT. While it's ``easy to use'' I just find the whole Windoze line to be unnecessarily restrictive in terms of its user environment. I don't mean security-wise, I mean in regards to pure hack value.

    I have no problem using NT when I have to (a.k.a. at work) but all of my home boxes are *nix and bsd.

    --

  • So what kind of license is this released under? The legal page [trustedbsd.org] doesn't really say much other than that the original authors keep the copyright to the code. And then it says it's released under a "liberal" license.

  • > that Theo and the gang just can't play
    > very well with others

    In that case Heathcliff will have to punish them, and punish them he will.

    Before introducing another blues playing uncle.

  • Perhaps you should read the damn article. OpenBSD doesn't do, e.g., ACLs.
  • by Anonymous Coward
    If your security depends on hiding the mail server's IP address and your mail client, you're in bigger trouble than just that.
  • First you say:

    IMHO having a single root is the biggest flaw of *nix operating systems.

    Then you say:

    The day microsoft makes something that doesn't suck is the day they start making vacuum cleaners

    I'd just like to point out that NT has always had the ability to separate out administrative responsibilities, and comes configured for separate printer admins, backup operators, etc. So it's not all bad! :0)

  • Now, don't take this the wrong way.. but why should I trust my precious data to a system that proudly displays a little red devil for its logo, is organized by a bunch of code hippies, and has stamped to the side Evil Inside ?

    *Note to moderators: Yes, this is humor. Yes, you're going to moderate it up. No, No... stop. No. LEAVE THE DIAL ALO-#!@

    --

  • You're right that "trusted" systems are probably useless as webservers or whatever. My understanding is that you could have buffer-overflows and root exploits up the butt, and still be considered by the government as "trusted".

    Which is not to say that trusted systems are useless. Preventing the user from performing certain operations with confidential information is a desktop feature I'd like to see. (Back when I did mail administration about once a week we had some PHB who asked us to "unsend" a message containing confidential personal or business data, usually to the Internet.)
    --
  • You're right that "trusted" systems are probably useless as webservers or whatever.

    Some people don't agree. It is actually a significant product that has won awards [hp.com] for HP. Of course it is useless to anyone else; see patent US5903732 "secure Web platform (SWP) implementing a mandatory access control policy" etc.

  • Just like most OpenBSD security fixes appear in FreeBSD, NetBSD and sometimes even Linux, most of the TrustedBSD extensions will be found in the others over time. NetBSD contributes a good number of portability fixes and design to the various BSD's as well. Heck, even Mac has thrown in a ton of speed enhancements and modularity design patches. The FreeBSD kernel has recently gone through parallel development with the new SMP code which is in the process of being implemented (and fixed up) in the main source tree. I would expect any major undertaking to use the same approach to keep the basic code tree mostly usable. After all, there's more than just a few people doing development.
  • They're working around the CC sure, and yes they might be "dated" in that they were written years ago, but the concepts are still true. ACL's are better than standard Unix file permissions because of granularity.

    The ability to allow limited access into specific portions of system resources without allowing them to run privileged is a Good Thing.

    The point is, yes, there's exploits AND trust violations...we need to work on fixing BOTH. OpenBSD has done brilliant work on one, while ignoring the other. TrustedBSD is doing brilliant work on the other, but ignoring the first.

    If I could code I'd work on trying to bring the TrustedBSD extensions into the OpenBSD codebase and submitting diffs...but my C is pretty damn abysmal.

  • The article briefly touches on OpenBSD, and mentions the differences...and it brought to mind the opinion I've heard floating through the *BSD community, that Theo and the gang just can't play very well with others, and I wonder if this project would be that much cooler if they could? OpenBSD has some killer code auditors, and they've done some great work on securing the OS...but wouldn't these trusted OS extensions be the icing on the cake to make theirs a truly formidable OS for the security conscious?
  • That man (more like a whiny little brat) is the most stubborn, immature, pig-headed piece of crap out there

    Another parallel to Linux and its Fuhrer, er, leader...

    --

  • by sql*kitten ( 1359 ) on Monday October 02, 2000 @03:02AM (#741314)
    Most attacks come from within.

    That's what trusted systems are designed to address. Think about it: why should your sysadmin be able to read, say, the payroll? Under a conventional Unix, there's nothing to stop that happening, apart from trust, and you can't rely on trust in a huge organization where many technical roles may be fulfilled by contractors or outsourced.

    I believe that B2 certification requires that the sysadmin can be prevented from reading your files, apart from to backup and restore them - and even after a restore, the access control will be preserved.

  • by v4mpyr ( 185039 ) on Monday October 02, 2000 @07:38AM (#741315)
    If you knew anything about American politics, you'd know that power is split up into three branches - Judiciary, Legislative & Executive. The prez is the Executive branch and can't do much without the approval of the other two. Likewise for the others.

    If *nix had a similar system of checks and balances perhaps it would be a bit more secure.

    Having a single root is like having a dictatorship. It could be good if the dictator is good, but if it ends up corrupted the rest of the system is screwed.

    --
  • by v4mpyr ( 185039 ) on Sunday October 01, 2000 @03:02PM (#741316)
    ``Rather than having just a single "root" user, limited administration capability can be broken up among a number of administrative accounts - ensuring that even an administrator account compromise is non-fatal.''

    Nice!!! IMHO having a single root is the biggest flaw of *nix operating systems. It'll be interesting to see how all of the critical privileges will be split up in order to minimize the damage of a break-in.

    --
  • TrustedBSD is not a fork in the traditional sense. It is a stream of parallel development and nearly all the patches will eventually be incorporated into FreeBSD when they are proven reliable.
  • by cluge ( 114877 ) on Sunday October 01, 2000 @03:32PM (#741318) Homepage
    Trusted systems are neat, but trusted system users shouldn't forget :
    • 1. Most attacks come from within.
    • 2. Most network connected computers are not usually as secure as the server.
    • 3. The users of any "secure" system MUST be taught security. (anti-social engineering, good data integrity practices, etc.)
    While many companies and institutions concentrate on building more secure "machines", they spend almost no money on training their employees. Call up the help desk of your favorite Fortune 500 company, claim you're Mr. X; use an on-line company directory to get someone's name that is HIGH up. A board member is always good. Bitch about not being able to get your mail. While you may not get a passwd, you WILL get the IP address of the POP3 server, and what mail client is used.

    Security can only start after everyone is trained to be secure.

  • by Animats ( 122034 ) on Sunday October 01, 2000 @04:22PM (#741319) Homepage
    It's not that hard to implement mandatory security in an OS kernel. (There's a mandatory security mod for Linux, which nobody uses.) The hard part is making the administrative tools live within its limits. We'll have to see how well this group handles that problem.

    Here's something to think about: How should software installation work in a secure system? The installation process for untrusted applications needs to be untrusted; it shouldn't be possible to break anything or install a security hole when installing an untrusted application. Package management needs to accept more restrictions; running installs as root is out. Fixing this requires a lot of grunt work and some cleverness. In particular, shared component management in a secure environment is a lot more complex. Worth fixing, though; that's one of the giant pains of OS use today.
