d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d137deac11
freebsd-dev/sys/security
History
Robert Watson babe9a2bb3 Introduce p_canwait() and MAC Framework and MAC Policy entry points 
mac_check_proc_wait(), which control the ability to wait4() specific
processes.  This permits MAC policies to limit information flow from
children that have changed label, although has to be handled carefully
due to common programming expectations regarding the behavior of
wait4().  The cr_seeotheruids() check in p_canwait() is #if 0'd for
this reason.

The mac_stub and mac_test policies are updated to reflect these new
entry points.

Sponsored by:	SPAWAR, SPARTA
Obtained from:	TrustedBSD Project
2005-04-18 13:36:57 +00:00
..
mac Introduce p_canwait() and MAC Framework and MAC Policy entry points 2005-04-18 13:36:57 +00:00
mac_biba Move MAC check_vnode_mmap entry point out from being exclusive to 2005-04-14 16:03:30 +00:00
mac_bsdextended Minor white space synchronization and line wrapping. 2004-10-22 11:15:47 +00:00
mac_ifoff Update my personal copyrights and NETA copyrights in the kernel 2004-02-22 00:33:12 +00:00
mac_lomac Move MAC check_vnode_mmap entry point out from being exclusive to 2005-04-14 16:03:30 +00:00
mac_mls Move MAC check_vnode_mmap entry point out from being exclusive to 2005-04-14 16:03:30 +00:00
mac_none Update my personal copyrights and NETA copyrights in the kernel 2004-02-22 00:33:12 +00:00
mac_partition Update my personal copyrights and NETA copyrights in the kernel 2004-02-22 00:33:12 +00:00
mac_portacl Add a new sysctl/tunable to mac_portacl: 2004-12-08 11:46:44 +00:00
mac_seeotheruids Exempt the superuser from mac_seeotheruids checks. 2005-01-03 12:08:18 +00:00
mac_stub Introduce p_canwait() and MAC Framework and MAC Policy entry points 2005-04-18 13:36:57 +00:00
mac_test Introduce p_canwait() and MAC Framework and MAC Policy entry points 2005-04-18 13:36:57 +00:00