freebsd-nq/sys/security
Robert Watson 8c7327e183 Provide a simple sample labeled access control policy, mac_partition.
This policy can be loaded dynamically, and assigns each process a
partition number, as well as permitting processes to operate outside
the partition.  Processes contained in a partition can only "see"
processes inside the same partition, so it's a little like jail.
The partition of a user can be set using the label mechanisms in
login.conf.  This sample policy is a good starting point for developers
wanting to learn about how to produce labeled policies, as it labels
only one kernel object, the process credential.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-23 23:36:27 +00:00
..
lomac Regularize the vop_stdlock'ing protocol across all the filesystems 2002-10-14 03:20:36 +00:00
mac Remove the mac_te policy bits from 'struct oldmac' -- we're not going 2002-10-22 17:19:06 +00:00
mac_biba Style fix: space between 'switch' and '('. 2002-10-22 19:01:49 +00:00
mac_bsdextended Merge implementation of mpo_check_vnode_link() for various appropriate 2002-10-05 18:25:48 +00:00
mac_ifoff Rename mac_check_socket_receive() to mac_check_socket_deliver() so that 2002-08-15 18:51:27 +00:00
mac_mls Style fix: space between 'switch' and '('. 2002-10-22 19:01:49 +00:00
mac_none Adapt MAC policies for the new user API changes; teach policies how 2002-10-22 14:31:34 +00:00
mac_partition Provide a simple sample labeled access control policy, mac_partition. 2002-10-23 23:36:27 +00:00
mac_seeotheruids Introduce support for Mandatory Access Control and extensible 2002-07-31 18:07:45 +00:00
mac_stub Adapt MAC policies for the new user API changes; teach policies how 2002-10-22 14:31:34 +00:00
mac_test Adapt MAC policies for the new user API changes; teach policies how 2002-10-22 14:31:34 +00:00