That's true. It goes back further than TrustedBSD: Secure Computing Corporation invented Type Enforcement, put it in a high assurance system (LOCK), put it into a BSD-OS for a firewall (Sidewinder firewall), and helped create Flask architecture for integration of type enforcement into vanilla OS's. Flask was ported to Linux in SELinux project. That got enough acceptance that TrustedBSD project was started to do same for FreeBSD. So, full circle back the the OS the tech was first fielded on.
Nonetheless, the old stuff (esp LOCK & LOCK/ix) are still stronger in security architecture and design despite all these years. Good design is timeless I guess. :)
Note: Cambridge's CHERI project and CheriBSD are the cutting-edge for FreeBSD security as they do capability-security from hardware up with FreeBSD already ported. Also supports Capsicum, Flask, and separation kernels if one wanted. True integration of each major branch of INFOSEC. :)
LOCK System http://www.cyberdefenseagency.com/publications/LOCK-An_Histo...
Sidewinder firewall http://www.ittoday.info/AIMS/DSM/83-10-35.pdf
Flask project/architecture https://www.cs.utah.edu/flux/fluke/html/flask.html
Nonetheless, the old stuff (esp LOCK & LOCK/ix) are still stronger in security architecture and design despite all these years. Good design is timeless I guess. :)
Note: Cambridge's CHERI project and CheriBSD are the cutting-edge for FreeBSD security as they do capability-security from hardware up with FreeBSD already ported. Also supports Capsicum, Flask, and separation kernels if one wanted. True integration of each major branch of INFOSEC. :)
https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/