Commit Graph

4 Commits

Author SHA1 Message Date
Robert Watson
0285334bc8 License and blurb update authorized by Network Associates. 2002-11-07 20:37:04 +00:00
Robert Watson
da30581ecb Use size_t instead of int for len variables passed in/out of sysctl.
Pointed out by:	jake
2002-09-27 16:35:19 +00:00
Robert Watson
912dd12ad1 Use "ugidfw.h" rather than <ugidfw.h> so that mkdep can find it.
Suggested by:	mike
2002-08-14 22:30:07 +00:00
Robert Watson
46d1a925c2 Introduce support for Mandatory Access Control and extensible
kernel access control.

Provide a library to manage user file system firewall-like rules
supported by the mac_bsdextended.ko security model.  The kernel
module exports the current rule set using sysctl, and this
library provides a front end that includes support for retrieving
and setting rules, as well as printing and parsing them.

Note: as with other userland components, this is a WIP.  However,
when used in combination with the soon-to-be-committed ugidfw,
it can actually be quite useful in multi-user environments to
allow the administrator to limit inter-user file operations without
resorting to heavier weight labeled security policies.

Obtained form:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 07:07:35 +00:00