Perforce: //depot/projects/trustedbsd/sebsd/...

Collection: p4-cvs-trustedbsd-sebsd

SEBSD is a port of NSA's FLASK/TE implementation in SELinux to run on FreeBSD as a plug-in module to the TrustedBSD MAC Framework, as well as the policy files and necessary adaptations of FreeBSD's userland applications. At the time of this writing, the SEBSD module can be attached to the kernel and run in enforcing mode using a sample policy; many but not all relevant userland applications have been updated to properly interact with FLASK security contexts, including the login program.

McAfee Research, now SPARTA ISSO, now provides a source tarball and CVSUP source distribution of SEBSD maintained on the FreeBSD Project Perforce Server.

The FLASK/TE implementation provided by NSA, SCC, and SPARTA ISSO (McAfee Research), is licensed under the GNU Public License (GPL), and will be distributed seperately from the remainder of the TrustedBSD components due to these licensing constraints. However, these components are available as source code module that plugs into the MAC Framework.

2006-07-05 7.0-SEBSD supfile: Download. Install notes. This SEBSD snapshot is based on a March 2006 snapshot of FreeBSD 7.x and SELinux sources from the same timeframe. It also includes the new SELinux Reference Policy as a new policy baseline. It should be noted that SEBSD will not currently function in enforcing mode as the new policy development is still at a relatively early stage.

2005-06-24 6.0-SEBSD snapshot ISO: Download. Install notes. This SEBSD snapshot is based on a late-2004 snapshot of FreeBSD 6.x, combined with SELinux sources from that time. An updated SEBSD snapshot to coincide with FreeBSD 6.0-RELEASE will be available in the near future.

2004-01-08 5.1-SEBSD snapshot ISO: Download. Install notes.

In addition, a port of the SEBSD module (along with MAC Framework) to Apple's Darwin operating system is also underway; see the SEDarwin page for more information.