Date: Sat, 2 Jul 2011 15:41:23 +0000 (UTC) From: Jonathan Anderson <jonathan@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r223723 - head/sys/conf Message-ID: <201107021541.p62FfN67046078@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jonathan Date: Sat Jul 2 15:41:22 2011 New Revision: 223723 URL: http://svn.freebsd.org/changeset/base/223723 Log: Define the CAPABILITIES kernel option. This option will enable Capsicum capabilities, which provide a fine-grained mask on operations that can be performed on file descriptors. Approved by: mentor (rwatson), re (Capsicum blanket ok) Sponsored by: Google Inc Modified: head/sys/conf/NOTES head/sys/conf/options Modified: head/sys/conf/NOTES ============================================================================== --- head/sys/conf/NOTES Sat Jul 2 13:54:20 2011 (r223722) +++ head/sys/conf/NOTES Sat Jul 2 15:41:22 2011 (r223723) @@ -1162,7 +1162,8 @@ options MAC_STUB options MAC_TEST # Support for Capsicum -options CAPABILITY_MODE +options CAPABILITIES # fine-grained rights on file descriptors +options CAPABILITY_MODE # sandboxes with no global namespace access ##################################################################### Modified: head/sys/conf/options ============================================================================== --- head/sys/conf/options Sat Jul 2 13:54:20 2011 (r223722) +++ head/sys/conf/options Sat Jul 2 15:41:22 2011 (r223723) @@ -63,6 +63,7 @@ SYSCTL_DEBUG opt_sysctl.h ADAPTIVE_LOCKMGRS ALQ AUDIT opt_global.h +CAPABILITIES opt_capsicum.h CAPABILITY_MODE opt_capsicum.h CODA_COMPAT_5 opt_coda.h COMPAT_43 opt_compat.h
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201107021541.p62FfN67046078>