Remove hard sentence breaks.
Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
This commit is contained in:
chris
parent
1de1410d8e
commit
e21e3a1891
@ -41,14 +41,15 @@
|
||||
.In sys/mac.h
|
||||
.Sh DESCRIPTION
|
||||
The IEEE POSIX.1e specification never left draft form, but the interfaces
|
||||
it describes are now widely used despite inherent limitations. Currently,
|
||||
only a few of the interfaces and features are implemented in
|
||||
it describes are now widely used despite inherent limitations.
|
||||
Currently, only a few of the interfaces and features are implemented in
|
||||
.Fx ,
|
||||
although efforts are underway to complete the integration at this time.
|
||||
.Pp
|
||||
POSIX.1e describes five security extensions to the base POSIX.1 API:
|
||||
Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access
|
||||
Control, and Information Flow Labels. Of these, the ACL interfaces are
|
||||
Control, and Information Flow Labels.
|
||||
Of these, the ACL interfaces are
|
||||
currently included with
|
||||
.Fx ,
|
||||
Auditing, Capabilities, and Mandatory
|
||||
@ -57,7 +58,8 @@ the calendar.
|
||||
.Pp
|
||||
POSIX.1e defines both syntax and semantics for these features, but fairly
|
||||
substantial changes are required to implement these features in the
|
||||
operating system. As shipped,
|
||||
operating system.
|
||||
As shipped,
|
||||
.Fx 4.0
|
||||
permits file systems to export
|
||||
Access Control Lists via the VFS, and provides a library for userland
|
||||
@ -69,7 +71,8 @@ Available API calls relating to ACLs are described in detail in
|
||||
.Fx
|
||||
currently provides documentation and APIs for fine-grained capability
|
||||
support, but implementation is currently not included in the base
|
||||
system. Documentation of these API calls is provided in
|
||||
system.
|
||||
Documentation of these API calls is provided in
|
||||
.Xr cap 3 .
|
||||
.Pp
|
||||
Additional patches supporting POSIX.1e features are provided by the
|
||||
@ -82,10 +85,13 @@ support for POSIX.1e interfaces and features is still under
|
||||
development at this time.
|
||||
.Sh ENVIRONMENT
|
||||
POSIX.1e assigns security labels to all objects, extending the security
|
||||
functionality described in POSIX.1. These additional labels provide
|
||||
functionality described in POSIX.1.
|
||||
These additional labels provide
|
||||
fine-grained discretionary access control, fine-grained capabilities,
|
||||
and labels necessary for mandatory access control. POSIX.2c describes
|
||||
a set of userland utilities for manipulating these labels. These userland
|
||||
and labels necessary for mandatory access control.
|
||||
POSIX.2c describes
|
||||
a set of userland utilities for manipulating these labels.
|
||||
These userland
|
||||
utilities are not bundled with
|
||||
.Fx 4.0
|
||||
so as to discourage their
|
||||
@ -100,9 +106,11 @@ use in the short term.
|
||||
.Xr extattr 9 ,
|
||||
.Xr mac 9
|
||||
.Sh STANDARDS
|
||||
POSIX.1e is described in IEEE POSIX.1e draft 17. Discussion
|
||||
of the draft continues on the cross-platform POSIX.1e implementation
|
||||
mailing list. To join this list, see the
|
||||
POSIX.1e is described in IEEE POSIX.1e draft 17.
|
||||
Discussion of the draft continues
|
||||
on the cross-platform POSIX.1e implementation
|
||||
mailing list.
|
||||
To join this list, see the
|
||||
.Fx
|
||||
POSIX.1e implementation
|
||||
page for more information.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user