Date: Mon, 12 Aug 2002 18:05:47 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 15886 for review Message-ID: <200208130105.g7D15l5d055528@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15886 Change 15886 by rwatson@rwatson_tislabs on 2002/08/12 18:05:04 Change the default behavior when revoking a mapping from "fail not-stop" to "fail-stop". This is the expected behavior for most policies for consistency with other platforms -- we may want to investigate whether we can find a way to allow policies to express a preference on downgrade behavior. Affected files ... .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#236 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#236 (text+ko) ==== @@ -161,7 +161,7 @@ static int mac_vnode_label_cache_misses = 0; SYSCTL_INT(_security_mac, OID_AUTO, vnode_label_cache_misses, CTLFLAG_RD, &mac_vnode_label_cache_misses, 0, "Cache misses on vnode labels"); -static int mac_mmap_revocation_via_cow = 1; +static int mac_mmap_revocation_via_cow = 0; SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW, &mac_mmap_revocation_via_cow, 0, "Revoke mmap access to files via " "copy-on-write semantics, or by removing all write access"); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208130105.g7D15l5d055528>