d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ed377cf415
freebsd-nq/sys/security
History
Stephen J. Kiernan ed377cf415 sysctls which should be restricted when securelevel is raised should also 
be restricted when veriexec is enforced.

Add mpo_system_check_sysctl method to mac_veriexec which does this.

Obtained from:	Juniper Networks, Inc.
MFC after:	1 week
2019-05-17 18:09:48 +00:00
..
audit Create new EINTEGRITY error with message "Integrity check failed". 2019-01-17 06:35:45 +00:00
mac When MAC is enabled and a policy module is loaded, don't unconditionally 2019-05-03 20:38:43 +00:00
mac_biba
mac_bsdextended Remove unused argument to priv_check_cred. 2018-12-11 19:32:16 +00:00
mac_ifoff
mac_lomac Remove unused argument to priv_check_cred. 2018-12-11 19:32:16 +00:00
mac_mls
mac_none
mac_ntpd Make it possible to run ntpd as a non-root user, add ntpd uid and gid. 2018-07-19 23:55:29 +00:00
mac_partition Remove unused argument to priv_check_cred. 2018-12-11 19:32:16 +00:00
mac_portacl Remove unused argument to priv_check_cred. 2018-12-11 19:32:16 +00:00
mac_seeotheruids Remove unused argument to priv_check_cred. 2018-12-11 19:32:16 +00:00
mac_stub
mac_test
mac_veriexec sysctls which should be restricted when securelevel is raised should also 2019-05-17 18:09:48 +00:00
mac_veriexec_parser Create kernel module to parse Veriexec manifest based on envs 2019-04-03 03:57:37 +00:00