Date: Thu, 21 Mar 2002 18:45:13 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 8189 for review Message-ID: <200203220245.g2M2jD995096@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=8189 Change 8189 by rwatson@rwatson_paprika on 2002/03/21 18:44:28 mac_seeotheruids, a kernel module that provides the ability to prevent users from seeing processes (and related objects) owned by other uids except under specific policy-driven circumstances. This is a superset of the base system security.bsd.see_other_uids policy, and may eventually just replace it. Build and kldload for entertainment. Note that currently this works for sockets due to some odd base system use of credentials. Eventually, this may change, and probably should change. Affected files ... ... //depot/projects/trustedbsd/mac/sys/modules/Makefile#11 edit ... //depot/projects/trustedbsd/mac/sys/modules/mac_seeotheruids/Makefile#1 add ... //depot/projects/trustedbsd/mac/sys/security/mac_seeotheruids/mac_seeotheruids.c#1 add Differences ... ==== //depot/projects/trustedbsd/mac/sys/modules/Makefile#11 (text+ko) ==== @@ -55,6 +55,7 @@ lomac \ lpt \ mac_bsdextended \ + mac_seeotheruids \ md \ mii \ mlx \ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203220245.g2M2jD995096>