Good Day, I have no experience with trusted Solaris besides looking at some of the online docs earlier, but am looking forward to playing with the trusted Solaris extensions now that they are available (svn_42).
A couple of questions, Is there any current documentation available for the extensions, googling the opensolaris web site didn't reveal anything? File security labeling occurs where? (In SELinux it is in an XATTR which each file system implements differently, and my impression is that ZFS has a heavy weight equivalent for the ACL implementation, but not sure if that is a huge performance penalty) Are the trusted extensions based on any of the historical security architectures (flask, gfac..) or developed in house? Thank you for your assistance. -- Alexander Barclay University of Tulsa - Ph.D. Student Center for Information Security Enterprise Research Group
