84f8c77a42
- Add a new "qsize" parameter in audit_control and the getacqsize(3) API to query it, allowing to set the kernel's maximum audit queue length. - Add support to push a mapping between audit event names and event numbers into the kernel (where supported) using new A_GETEVENT and A_SETEVENT auditon(2) operations. - Add audit event identifiers for a number of new (and not-so-new) FreeBSD system calls including those for asynchronous I/O, thread management, SCTP, jails, multi-FIB support, and misc. POSIX interfaces such as posix_fallocate(2) and posix_fadvise(2). - On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now run sandboxed. - Empty "flags" and "naflags" fields are now permitted in audit_control(5). Many thanks to Christian Brueffer for producing the OpenBSM release and importing/tagging it in the vendor branch. This release will allow improved auditing of a range of new FreeBSD functionality, as well as non-traditional events (e.g., fine-grained I/O auditing) not required by the Orange Book or Common Criteria. Obtained from: TrustedBSD Project Sponsored by: DARPA, AFRL MFC after: 3 weeks
43 lines
921 B
Plaintext
43 lines
921 B
Plaintext
OpenBSM Credits
|
|
|
|
The following organizations and individuals have contributed substantially to
|
|
the development of OpenBSM:
|
|
|
|
Apple Inc.
|
|
McAfee Research, McAfee, Inc.
|
|
SPARTA, Inc.
|
|
Robert Watson
|
|
Wayne Salamon
|
|
Suresh Krishnaswamy
|
|
Kevin Van Vechten
|
|
Tom Rhodes
|
|
Wojciech Koszek
|
|
Chunyang Yuan
|
|
Poul-Henning Kamp
|
|
Christian Brueffer
|
|
Olivier Houchard
|
|
Christian Peron
|
|
Martin Fong
|
|
Pawel Worach
|
|
Martin Englund
|
|
Ruslan Ermilov
|
|
Martin Voros
|
|
Diego Giagio
|
|
Alex Samorukov
|
|
Eric Hall
|
|
Xin LI
|
|
Stacey Son
|
|
Todd Heberlein
|
|
Gary Hoo
|
|
Dave Bertouille
|
|
Jonathan Anderson
|
|
Pawel Jakub Dawidek
|
|
Joel Dahl
|
|
Ryan Steinmetz
|
|
The FreeBSD Foundation
|
|
Brooks Davis
|
|
|
|
In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel
|
|
Software's FlexeLint tool were used to identify a number of bugs in the
|
|
OpenBSM implementation.
|