Remove all references to nonexistent FreeBSD Security Architecture document.
Tim J. Robbins 2005-09-05 10:03:07 +00:00
parent 6595b51a7f
commit d667076bb2


@ -28,7 +28,7 @@
.\" $Id: sec-doc.7,v 1.7 2001/12/22 00:14:12 rwatson Exp$
.\" $FreeBSD$
.\"
.Dd October 12, 2001
.Dd September 5, 2005
.Dt SDOC 7
.Os
.Sh NAME
@ -64,9 +64,7 @@ system.
Begin by listing
those general security requirements that can be violated
through the misuse of the feature.
As described in
the FreeBSD Security Architecture (FSA),
there are four classes of security requirements:
There are four classes of security requirements:
.Bl -hang -offset indent
.It Em integrity
(example: non-administrators should not modify system binaries),
@ -81,44 +79,11 @@ information listing functionality described in its documentation - no more,
no less.)
.El
.Pp
The FSA
contains a list of integrity, confidentiality, availability,
and correctness requirements for the base
.Fx
system.
Many commands, tools, and utilities
documented in sections 1, 6, and 8 of the manual
are partly responsible for meeting these base system requirements.
Consequently, borrowing entries from the list in
the FSA
is a good way to begin the list of requirements for these commands,
tools, and utilities.
.Pp
Complex servers and subsystems may have their own integrity,
confidentiality, availability and correctness requirements
in addition to the system-wide ones listed in
the FSA.
Listing these additional requirements will require
some thought and analysis.
Correctness requirements will most often
deal with configuration issues,
especially in cases of programs that can load modules
containing arbitrary functionality during run-time.
.Pp
For low-level features, such as the individual functions
documented in sections 2, 3, and 9 of the manual,
it is generally sufficient to proceed with
only a single correctness requirement:
simply that the function behaves as advertised.
.Pp
A good security considerations section
should explain how the feature can be misused
to violate each general security requirement in the list.
Each explanation should be accompanied by instructions
the reader should follow in order to avoid a violation.
For the sake of brevity, assume the reader is familiar with
all of the concepts in
the FSA.
When referencing potential vulnerabilities
described in the Secure Programming Practices manual page,
.Xr sprog 7 ,
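Review bot: The paragraph beginning "For low-level features, such as the individual functions documented in sections 2, 3, and 9" never mentions the FSA, yet the drop from 44 lines to 11 in this hunk suggests it is removed together with the FSA paragraphs. If so, this deletes guidance rather than a reference. Consider keeping that paragraph, and keeping the "Complex servers and subsystems" paragraph with only the clause "in addition to the system-wide ones listed in the FSA" trimmed, so that authors of section 2, 3 and 9 pages still learn that a single correctness requirement is sufficient and that configuration and run-time module loading are the usual correctness concerns for servers.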
@ -146,15 +111,6 @@ should describe only those issues directly related to the feature
that is the subject of the manual page.
Refer to other manual pages
rather than duplicating the material found there.
Refer to generalized descriptions of problems in
the FSA
rather than referring to specific instances of those problems
in other manual pages.
Ideally, each specific security-relevant issue
should be described in exactly one manual page,
preferably as a specific instance of a general problem
described in
the FSA.
.Sh EXAMPLES
Security considerations sections for most individual functions can follow
this simple formula:
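Review bot: The sentence "Ideally, each specific security-relevant issue should be described in exactly one manual page" stands on its own without the FSA, and removing it with the other eight lines loses the single-source rule that keeps security caveats from diverging across pages. Suggest keeping that sentence and cutting only its tail, "preferably as a specific instance of a general problem described in the FSA".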
@ -162,9 +118,7 @@ this simple formula:
.Bl -enum -offset indent -compact
.It
Provide one or two sentences describing each potential security
problem, referencing
the FSA
to provide details whenever possible.
problem.
.It
Provide one or two sentences describing how to avoid each potential
security problem.
@ -181,8 +135,6 @@ The
function is easily misused in a manner which enables malicious users
to arbitrarily change a running program's functionality
through a buffer overflow attack.
(See
the FSA.)
.Pp
Avoid using
.Fn strcpy .
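Review bot: Once "(See the FSA.)" is dropped, the mention of a buffer overflow attack in this strcpy example has no cross-reference at all. The page already names .Xr sprog 7 as the place where potential vulnerabilities are described; if that page covers buffer overflows, point there instead of leaving the term unexplained for the reader.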
@ -254,8 +206,6 @@ of the program by replacing calls to standard library functions
with calls to their own.
Although this feature is disabled for set-user-ID and set-group-ID programs,
it can still be used to create Trojan horses in other programs.
(See
the FSA.)
.Pp
All users should be aware that the correct operation of non
set-user-ID/group-ID dynamically-linked programs depends on the proper
@ -268,10 +218,6 @@ to link in shared libraries of unknown pedigree.
.Xr security 7 ,
.Xr sprog 7
.Rs
.%T "The FreeBSD Security Architecture"
.%J file:///usr/share/doc/{to be determined}
.Re
.Rs
.%A "Edward Amoroso, AT&T Bell Laboratories"
.%B "Fundamentals of Computer Security Technology"
.%I "P T R Prentice Hall"