On Sat, 22 Sep 2007, Douglas A. Tutty wrote:

> In terms of mandatory access controls, OpenBSD only has systrace.

Every medium to large Linux deployment that I am aware of has switched SELinux off. Once you stray from the default configurations that the system distributors ship with, the default policies no longer work and things start to break. In my admittedly limited experience, this happens very quickly.

If the policy language was halfway sane then this wouldn't be so bad - a skilled administrator could adjust the policy. Unfortunately:

1) skilled administrators are hard to come by, and their time is usually better spent *not* tweaking brittle mandatory access control policies

2) the SELinux policy language is nowhere near sane.

OpenBSD's systrace suffers from #1 - it is a generic problem with these sorts of access control mechanisms, and it is one reason why it has never been enabled by default. The brittleness is a real problem - I use systrace for a few things and often need to update my policies because of software upgrades or libc changes.

Oh, and "skilled administrator" means someone deeply familiar with the Unix system interface - not just a graduate of the certification course du jour.

The Linux solution to #2 seems to be to add various wizards and other abstraction between the administrator and the policy, rather than tossing the horrid mess and replacing it with something more comprehensible. I'm sure you could use SELinux to improve the security of a system but it would require quite a bit of time and effort, both initial and ongoing.

-d
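An added illustration of the brittleness described above; it is not part of the original post or of OpenBSD's own documentation. It is a systrace policy in the format the systrace(1) man page uses, of the kind that `systrace -A` records while watching a program run and that `systrace -a` later enforces (any syscall not matched by a rule is denied). The program path, the file names and in particular the libc version number are assumed for illustration, not taken from any real system.

```text
# Added example, not from the original post. Version numbers and paths
# are assumed for illustration.
Policy: /usr/bin/ssh, Emulation: native
	native-__sysctl: permit
	native-issetugid: permit
	native-mmap: permit
	native-munmap: permit
	native-break: permit
	native-exit: permit
	native-fsread: filename eq "/var/run/ld.so.hints" then permit
	# Brittle: an automatically generated rule names the exact libc file
	# that was present when the policy was recorded. After an upgrade
	# bumps the library version, the open(2) of the new libc no longer
	# matches and is denied, and ssh fails to start until someone edits
	# the policy by hand.
	native-fsread: filename eq "/usr/lib/libc.so.43.0" then permit
	# Less brittle: match the library by name and let the version vary.
	native-fsread: filename match "/usr/lib/libc.so.*" then permit
	native-fsread: filename match "/usr/lib/libcrypto.so.*" then permit
	native-fsread: filename eq "/etc/ssh/ssh_config" then permit
	native-fsread: filename match "$HOME/.ssh/*" then permit
	native-connect: sockaddr match "inet-*:22" then permit
	native-connect: sockaddr match "inet-*:53" then permit
```

The `eq` rule against a versioned library path is exactly the kind of line that a libc or package upgrade invalidates; relaxing it to `match` with a wildcard keeps the policy working across upgrades at the cost of a wider rule, and every such trade-off has to be made by someone who understands what the program actually needs to open, which is the "skilled administrator" cost the post is talking about.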
