FreeBSD announced their release of version 6.2-RELEASE today. Normally, I wouldn’t find it so interesting to echo an operating system release announcement on the blog, but this event calls for some special recognition. For one thing, I love FreeBSD. The more interesting point is that 6.2 now includes support for CAPP security event auditing as part of the base system. To quote the FreeBSD handbook,
"FreeBSD 6.2-RELEASE and later include support for fine-grained security event auditing. Event auditing allows the reliable, fine-grained, and configurable logging of a variety of security-relevant system events, including logins, configuration changes, and file and network access. These log records can be invaluable for live system monitoring, intrusion detection, and postmortem analysis. FreeBSD implements Sun's published BSM API and file format, and is interoperable with both Sun's Solaris and Apple's Mac OS X audit implementations."
Yes, in all fairness FreeBSD isn’t the first to support the Controlled Access Protection Profile. But I love FreeBSD and I love that security event auditing is now part of version 6.2.