Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 1 Aug 2002 10:23:22 -0700 (PDT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/kern vfs_vnops.c
Message-ID:  <200208011723.g71HNMe1015143@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
rwatson     2002/08/01 10:23:22 PDT

  Modified files:
    sys/kern             vfs_vnops.c 
  Log:
  Introduce support for Mandatory Access Control and extensible
  kernel access control
  
  Invoke appropriate MAC framework entry points to authorize a number
  of vnode operations, including read, write, stat, poll.  This permits
  MAC policies to revoke access to files following label changes,
  and to limit information spread about the file to user processes.
  
  Note: currently the file cached credential is used for some of
  these authorization check.  We will need to expand some of the
  MAC entry point APIs to permit multiple creds to be passed to
  the access control check to allow diverse policy behavior.
  
  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, NAI Labs
  
  Revision  Changes    Path
  1.156     +39 -4     src/sys/kern/vfs_vnops.c

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208011723.g71HNMe1015143>