Date: Tue, 4 Feb 2003 13:28:46 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/security/mac_biba mac_biba.c src/sys/security/mac_mls mac_mls.c Message-ID: <200302042128.h14LSk5a084827@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2003/02/04 13:28:46 PST
Modified files:
sys/security/mac_biba mac_biba.c
sys/security/mac_mls mac_mls.c
Log:
Place more stringent checks on process credential relabeling for the Biba
and MLS policies: as we support both an effective (single) element and
range (available) elements, require that the single be in the range if
both the single and range are defined in the update. Remove comments
suggesting that such a check might be a good idea.
Don't introduce a similar check for network interfaces; due to different
interpretations of the single and range elements, it's not clear that
it's useful to do so.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Revision Changes Path
1.52 +10 -6 src/sys/security/mac_biba/mac_biba.c
1.40 +11 -6 src/sys/security/mac_mls/mac_mls.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302042128.h14LSk5a084827>