Early spring cleaning:

Unhook lomac(4) manual page and remove it. The code was removed by rwatson over two years ago.
2005-01-06 01:27:55 +00:00 · 2005-01-06 01:27:55 +00:00 · 8318960abd
commit 8318960abd
parent 5de2b5750c
2 changed files with 0 additions and 141 deletions
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@ -120,7 +120,6 @@ MAN=	aac.4 \
 	led.4 \
 	lge.4 \
 	lo.4 \
-	lomac.4 \
 	lp.4 \
 	lpbb.4 \
 	lpt.4 \
--- a/share/man/man4/lomac.4
+++ b/share/man/man4/lomac.4
@ -1,140 +0,0 @@
-.\" Copyright (c) 2001 Networks Associates Technology, Inc.
-.\" All rights reserved.
-.\"
-.\" This software was developed for the FreeBSD Project by NAI Labs, the
-.\" Security Research Division of Network Associates, Inc. under
-.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
-.\" CHATS research program.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in the
-.\"    documentation and/or other materials provided with the distribution.
-.\" 3. The name of the author may not be used to endorse or promote
-.\"    products derived from this software without specific prior written
-.\"    permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" $FreeBSD$
-.\"
-.Dd November 20, 2001
-.Dt LOMAC 4
-.Os
-.Sh NAME
-.Nm LOMAC
-.Nd Low-Watermark Mandatory Access Control security facility
-.Sh SYNOPSIS
-.Li "kldload lomac"
-.Sh DESCRIPTION
-The
-.Nm
-module provides a drop-in security mechanism in addition to the traditional
-.Tn POSIX
-UID-based security facilities, requiring no additional configuration
-from the administrator.
-.Nm
-aims to be two things: it is non-intrusive, so that the system with
-.Nm
-will not feel largely different from the system without it, and will not
-require much modification to initialize; it is also comprehensive enough
-that a majority of attacks to compromise a system should fail.
-.Pp
-To this end, each process on the system will have a label of several
-attributes, including a
-.Dq high
-or
-.Dq low
-security level, attached to it,
-and these labels of integrity will be managed with a system cognizant
-of IPC (signals, debugging, sockets, pipes), path-based file system
-labels, virtual memory objects, and privileged system calls.
-A process (or set of vmspace-sharing processes) will initially inherit
-the integrity level of its parent, which, at the point of
-.Nm
-being started with
-.Xr kldload 8 ,
-will be high.
-If it reads lower-integrity data from one of the controlled mechanisms,
-it will then decrease its integrity level, and access to modify
-higher-integrity data will be revoked.
-.Sh IMPLEMENTATION NOTES
-.Nm
-on
-.Fx ,
-as implemented currently, should properly respect all aspects of any
-.Xr chroot 8
-or
-.Xr jail 8
-operation performed after it has been initialized.
-Pre-existing jail or chroot environments may not necessarily work
-completely.
-.Nm Ns 's
-file system should correctly respect the caching behavior of any of the
-system's file systems, and so work for any
-.Dq normal
-or
-.Dq synthetic
-file systems.
-After loaded, another root
-.Xr mount 8
-will exist on the system and appear as type
-.Dq lomacfs .
-.Sh FILES
-See
-.Pa /sys/security/lomac/policy_plm.h
-for specific information on exactly how
-.Nm
-has been compiled to control access to the file system.
-.Sh COMPATIBILITY
-Some programs, for example
-.Xr syslogd 8 ,
-may need to be restarted after
-.Nm
-is initialized for them to continue proper operation.
-This version of
-.Nm
-has not had widespread testing, so some common programs have probably
-not been tested and could have issues that need to be worked around or
-fixed.
-.Sh SEE ALSO
-.Xr kldload 8
-.Sh HISTORY
-.Nm
-was initially implemented for Linux systems over the past several years.
-Since then, this implementation was created via funding from the
-United States DARPA.
-See the copyright for details.
-.Sh AUTHORS
-.An Brian Fundakowski Feldman Aq bfeldman@tislabs.com
-.An Timothy Fraser Aq tfraser@tislabs.com
-.Sh BUGS
-.Nm
-has not gone through widespread testing yet, so many problems may still exist.
-There is still yet one unfixed panic which is reproduceable under load
-.Xr ( vrele 9
-being called too many times).
-The operation of
-.Xr mount 2
-and
-.Xr unmount 2
-may not work properly or at all once
-.Nm
-has been loaded.
-After being loaded, the system must be restarted to revert to a state
-without
-.Nm .