[Info-vax] OS implementation languages
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Tue Sep 5 15:19:30 EDT 2023

On 2023-09-05 17:56:40 +0000, Simon Clubley said:

> In this context, it simply means the ability to support MAC security,
> _including_ the ability to help keep a successful compromise contained,
> which is what SELinux offers.

OpenVMS SEVMS-style and MLS-style mandatory access controls are
somewhere between exceedingly difficult to administer and to use, and
approximately useless. Bell-LaPadula-style MAC works well for its
target of 1990s-era US Department of Defense and related app designs
and server installations. US DoD itself largely avoided adopting MAC
and MLS and went heavily to System High designs, too. Bell-LaPadula
security usefulness for newer applications and environments and
expectations? Not so much. This having spent time working on and using
SEVMS.

Somewhat newer than MAC and MLS are jails (and sandboxes and ilk).
These are usually based on mandatory access control mechanisms, though
are vastly more usable and adoptable than are traditional MAC or MLS.

https://docs.freebsd.org/en/books/handbook/jails/

Preferably that jail-related work all tied into the app installation
tooling, to ease the load on the system administrators. Unfortunately
for that preference, PCSI and related tooling, and the most recent
major security enhancements work from OpenVMS V6.0 are all from well
before Y2K, and have... not kept up with competing expectations.

VSI seems unlikely to overhaul the existing OpenVMS security anytime
soon. At most, I'd expect to see VSI add a mechanism akin to pledge(2).
Maybe with unveil(2) added.

What's pledge(2)? Presentation by Theo de Raadt on pledge(2):
https://www.youtube.com/watch?v=F_7S1eqKsFk

I don't foresee speedy developer adoption of pledge(2) on OpenVMS,
assuming that API was even added.

--
Pure Personal Opinion | HoffmanLabs LLC