Date: Tue, 4 Feb 2003 22:41:23 -0800 (PST) From: Adam Migus <amigus@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 24682 for review Message-ID: <200302050641.h156fN3E091269@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=24682 Change 24682 by amigus@amigus_ludo on 2003/02/04 22:41:00 IFC (one minute too early last time). Affected files ... .. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#2 edit .. //depot/user/amigus/amigus_mac/sys/security/mac_biba/mac_biba.c#14 integrate Differences ... ==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#2 (text+ko) ==== @@ -1,4 +1,4 @@ -$P4: //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#1 $ +$P4: //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#2 $ This document outlines the Security Architecture (WIP). As time progresses and more of the document becomes written, each entry in the outline will @@ -21,9 +21,16 @@ 2. Security-Related Definitions 2.1. Security Policy 2.2. Subjects and Objects - 2.3. MAC - 2.4. DAC - 2.5. ... (more to come as they "come up") + 2.3 Security Models (introduce next section). +II. Security Models + 3. MAC + 4. DAC + 5. Implementations in UNIX + - DAC and MAC. + - Lots of references. + 2.3.4 Conflicts/Collisions (very brief) + - Mention further research required to + understand he implications/requirements. II. Kernel Security ("Kernel Security Model?") 3. Kernel Security Policy[footnote 1] 3.1. [UN] Regarding suser, the root user, etc. ==== //depot/user/amigus/amigus_mac/sys/security/mac_biba/mac_biba.c#14 (text+ko) ==== @@ -95,13 +95,14 @@ &destroyed_not_inited, 0, "Count of labels destroyed but not inited"); static int trust_all_interfaces = 0; -SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RD, +SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RW, &trust_all_interfaces, 0, "Consider all interfaces 'trusted' by MAC/Biba"); TUNABLE_INT("security.mac.biba.trust_all_interfaces", &trust_all_interfaces); static char trusted_interfaces[128]; -SYSCTL_STRING(_security_mac_biba, OID_AUTO, trusted_interfaces, CTLFLAG_RD, - trusted_interfaces, 0, "Interfaces considered 'trusted' by MAC/Biba"); +SYSCTL_STRING(_security_mac_biba, OID_AUTO, trusted_interfaces, CTLFLAG_RW, + trusted_interfaces, sizeof(trusted_interfaces), + "Interfaces considered 'trusted' by MAC/Biba"); TUNABLE_STR("security.mac.biba.trusted_interfaces", trusted_interfaces, sizeof(trusted_interfaces)); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302050641.h156fN3E091269>