# Book for FreeBSD + MAC



## z662 (May 19, 2011)

I am contemplating the idea of implementing Mandatory Access Controls on my webserver.  Was wondering if anyone knew of any good books devoted to detailing MAC on FreeBSD and how to implement them (aside from the handbook).  I would also be interested in reading any online documentation that is a good source and is credible.


----------



## francis (May 23, 2011)

Hi, of course, the best source of information is a handbook. It is very interesting, but there are several publications. Further information can be found in FreeBSD man pages. I recommend especially: mac(4), getfmac(8) and setfmac(8).

*o* *TrustedBSD - MAC*; Official project site. See *Documentation Page*.
*o* *EuroBSDCon 2004 TrustedBSD MAC Framework Talk*; Robert Watson described the desig of the TrustedBSD MAC Framework (it is a .pdf file)
*o* *Desing and implementation of the TrustedBSD MAC Framework*; In this paper, authors will describe the design and implementation of the MAC Framework.

Direct links to two .pdf files (please note that info for FreeBSD 5.0 could be little old and may not contain information which appeared for example a couple years later):
*o* *The TrustedBSD MAC Framework: Extensible Kernel Access Control for FreeBSD 5.0*; Descriptions about the requirements, design etc.
*o* *Design and Implementation of the TrustedBSD MAC Framework*; Again the authors discuss about implementation of the MAC framework. But it is obvious.

I hope you will find something interesting for you. MAC  is really interesting, but powerful mechanism and contains really advanced security features for FreeBSD. Please remember that there is also a couple of others, various security features like: acl(9), audit(4), or security/openbsm and many, many more.


----------



## z662 (May 23, 2011)

Excellent, thanks!


----------

