33cdc78d01
This kernel config briefly describes some of the major MAC policies available on FreeBSD. The hope is that this will raise the awareness about MAC and get more people interested. Discussed with: scottl
29 lines
968 B
Plaintext
29 lines
968 B
Plaintext
# MAC -- Generic kernel configuration file for FreeBSD/amd64 MAC
|
|
#
|
|
# The Mandatory Access Control, or MAC, framework allows administrators to
|
|
# finely control system security by providing for a loadable security pol-
|
|
# icy architecture.
|
|
#
|
|
# For more information see:
|
|
#
|
|
# http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mac.html
|
|
#
|
|
# $FreeBSD$
|
|
|
|
include GENERIC
|
|
ident MAC
|
|
|
|
options MAC
|
|
|
|
#options MAC_BIBA # BIBA data integrity policy
|
|
#options MAC_BSDEXTENDED # File system firewall policy
|
|
#options MAC_IFOFF # Network interface silencing policy
|
|
#options MAC_LOMAC # Low-watermark data integrity policy
|
|
#options MAC_MLS # Multi-level confidentiality policy
|
|
#options MAC_NONE # NULL policy
|
|
#options MAC_PARTITION # Process partition policy
|
|
#options MAC_PORTACL # Network port access control policy
|
|
#options MAC_SEEOTHERUIDS # UID visibility policy
|
|
#options MAC_STUB # Stub policy
|
|
#options MAC_TEST # Testing policy for the MAC framework
|