BSDCan2013 - Final

BSDCan 2013
The Technical BSD Conference

Kirk McKusick
Day Talks - Day 1 - 2013-05-17
Room MNT 202
Start time 10:00
Duration 01:00
ID 417
Event type Lecture
Track Hacking
Language used for presentation English

An Overview of Security in the FreeBSD Kernel

The FreeBSD security model has been developed over thirty years of evolving consumer needs. Many of the key developments have come from the contributions of an active security research community.

This talk describes the underlying model and its practical implementation, from its origins in the UNIX process model and file permissions, to more recent additions: the Capsicum capability model, lightweight Jail virtualization, Mandatory Access Control, and security event auditing. These elements combine to meet the requirements of diverse systems ranging across hand-held computing devices, network devices, storage appliances, and Internet service-provider's large-scale hosting environments.