site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=OYjwVvxn29v7wRnw8DNw/BHZOZ3js7cGKw0NOPK38vU=; b=xi6Kb+QS8ghW9FLXTxfLL+sbdJBlcvKrecYjycgSJPVR+qH6oVaiNzluNvV8cS2Gv5 1Z4f2dqQFA/tGggbF9eXit+qH22lU9LA38hf+Yvkc/2jXA+wVOujs7msAeztblVtwmlZ eZgFhAZUXTUluK6soelhBvd0brtR5zWDZPeJQ= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=L23fQRmbBLi8Fshww6F0EPE/QcSC5eWP3zAonm2AF4uqDXKKuArJhXTmUyqzmxnpf8 shjIjIUE720BQpPnxrpgmFC1t5H/rmLssEgLWQ6vkOuqiSVkro/70XE5vQQQzrxk3tiW MP9UMPI16nWju6lljVzd/oap/LbEEvAQFvV9I= SEBSD/SEDarwin are both external projects (developed by Sparta Inc. and contributors), with inspiration from the original Flask project (now SElinux since a few years...). I wonder if the AVC and such are exact implementations of the original design. That said, I wonder if Apple has provided means to let KEXTs interact with the MAC framework, set its own hooks, etc. In addition, Seatbelt is closed source and Apple itself discourages its usage by third-parties since the interfaces are subject to changes, besides being largely undocumented. On Tue, Dec 16, 2008 at 5:49 AM, Michael Smith <drivers@mu.org> wrote:
On Dec 14, 2008, at 10:16 PM, John D. wrote:
On other hand. I still think kauth is severely limited (crippled) as it is implemented right now.
Kauth was a means to an end. It has been largely superseded in a broad sense by the MAC framework, which in turn facilitates Seatbelt and several other useful features. You will note that this supercession was not achieved by removing the Kauth symbols from the KPI.
= Mike
-- - John Denkar _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com