Home > IT Blogs > Irregular Expressions/

Irregular Expressions:

biba

1
June 4, 2010  11:35 PM

Building a FreeBSD MAC Kernel – Part 3



Posted by: Dan O'Connor
biba, FreeBSD biba, freebsd kernel, freebsd MAC

The last command we ran with this was the 

make installkernel KERNCONF=MAC
before I got completely off topic talking about the Biba integrity model. For the installation of the kernel that basically wraps it up, the installkernel command copied the new kernel to /boot/kernel and made...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 29, 2010  11:17 PM

More Biba



Posted by: Dan O'Connor
biba, Cissp

Here is a little more information regarding the biba integrity model, wikipeda has a basic explanation about it. http://en.wikipedia.org/wiki/Biba_Integrity_Model I prefer the CISSP cbk, It has a good write up of it and other models. If you can borrow that book or pickup your own it's worth...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 21, 2010  12:51 PM

Biba explained – Part 5



Posted by: Dan O'Connor
biba, FreeBSD biba

This is where things can get confusing, learning how labels and the levels work was pretty easy.  The compartments work differently, here is an example. 

process1        biba/50:5+6+7
process2        biba/50:5+6
process3        biba/50
Here we have three processes, all level...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 21, 2010  12:37 PM

Biba explained – Part 4



Posted by: Dan O'Connor
biba, FreeBSD biba

In the last section we left off on compartments and labels.  I think we have explained what and how the label works with the files and processes in a system, compartments have a good chance at making your head hurt. Here is an example label with a compartment. 

process    ...
  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 21, 2010  12:26 PM

Biba explained – Part 3



Posted by: Dan O'Connor
biba, FreeBSD biba

Now we can put some context around biba running on a FreeBSD system and some things you could do with it. There is 65,535 levels that can be assigned to a process or file, with 3 special levels. low - It is lower than any other process. equal - It is equal it any other process, it's almost...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 21, 2010  9:46 AM

Building a FreeBSD MAC Kernel – Part 2



Posted by: Dan O'Connor
biba, freebsd, freebsd kernel mac, kernel freebsd, mac biba

Once the sync is completed go to /usr/src 

cd /usr/src/
There is a sys/ dir in under src/ in sys/ there is a listing of possible architectures you can build a kernel for, inside the one you select there is a conf/ dir. If you do a 'ls' in the conf/ dir you will see the possible...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

May 18, 2010  1:42 PM

Building a FreeBSD MAC Kernel – Part 1



Posted by: Dan O'Connor
biba, freebsd, freebsd kernel mac, kernel freebsd, mac biba

No not a Mac as in Apple, a MAC as in mandatory access control kernel with biba! To build your own MAC kernel or any FreeBSD kernel you will need to get the source tree, you can do this by using cvsup and a config file. Mine is called supfile, and it looks like this. 

*default...
  Bookmark and Share     0 Comments     RSS Feed     Email a friend

1