MFC r285873:
Update Capsicum and Mandatory Access Control manual pages to no longer claim they are experimental. Sponsored by: The FreeBSD Foundation
This commit is contained in:
parent
d141e091d1
commit
e063ea3299
@ -31,7 +31,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd August 7, 2009
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -163,14 +163,3 @@ Support for Mandatory Access Control was introduced in
|
||||
as part of the
|
||||
.Tn TrustedBSD
|
||||
Project.
|
||||
.Sh BUGS
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework and associated policies, interfaces, and
|
||||
applications are considered to be an experimental feature in
|
||||
.Fx .
|
||||
Sites considering production deployment should keep the experimental
|
||||
status of these services in mind during any deployment process.
|
||||
See also
|
||||
.Xr mac 9
|
||||
for related considerations regarding the kernel framework.
|
||||
|
@ -29,7 +29,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd April 19, 2003
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC.CONF 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -110,14 +110,3 @@ Support for Mandatory Access Control was introduced in
|
||||
as part of the
|
||||
.Tn TrustedBSD
|
||||
Project.
|
||||
.Sh BUGS
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework and associated policies, interfaces, and
|
||||
applications are considered to be an experimental feature in
|
||||
.Fx .
|
||||
Sites considering production deployment should keep the experimental
|
||||
status of these services in mind during any deployment process.
|
||||
See also
|
||||
.Xr mac 9
|
||||
for related considerations regarding the kernel framework.
|
||||
|
@ -26,7 +26,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd October 19, 2013
|
||||
.Dd July 25, 2015
|
||||
.Dt CAPSICUM 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -124,7 +124,3 @@ and
|
||||
.An "Kris Kennaway" Aq kris@FreeBSD.org
|
||||
at Google, Inc., and
|
||||
.An "Pawel Jakub Dawidek" Aq pawel@dawidek.net .
|
||||
.Sh BUGS
|
||||
.Nm
|
||||
is considered experimental in
|
||||
.Fx .
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd October 30, 2007
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -239,14 +239,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd December 10, 2002
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_IFOFF 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -118,14 +118,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd December 1, 2002
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_MLS 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -236,14 +236,6 @@ Inc.\& under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd December 1, 2002
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_NONE 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -98,14 +98,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd December 9, 2002
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_PARTITION 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -118,14 +118,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd October 6, 2005
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_SEEOTHERUIDS 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -116,14 +116,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd December 1, 2002
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_STUB 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -101,14 +101,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -30,7 +30,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd December 1, 2002
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC_TEST 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -102,14 +102,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
||||
.Sh BUGS
|
||||
See
|
||||
.Xr mac 9
|
||||
concerning appropriateness for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
@ -29,7 +29,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd August 21, 2013
|
||||
.Dd July 25, 2015
|
||||
.Dt PROCDESC 4
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -87,7 +87,3 @@ at the University of Cambridge, and
|
||||
and
|
||||
.An "Kris Kennaway" Aq kris@FreeBSD.org
|
||||
at Google, Inc.
|
||||
.Sh BUGS
|
||||
.Nm
|
||||
is considered experimental in
|
||||
.Fx .
|
||||
|
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd July 10, 2006
|
||||
.Dd July 25, 2015
|
||||
.Dt MAC 9
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -62,14 +62,6 @@ opportunity to modify security behavior at those MAC API entry points.
|
||||
Both consumers of the API (normal kernel services) and security modules
|
||||
must be aware of the semantics of the API calls, particularly with respect
|
||||
to synchronization primitives (such as locking).
|
||||
.Ss Note on Appropriateness for Production Use
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework included in
|
||||
.Fx 5.0
|
||||
is considered experimental, and should not be deployed in production
|
||||
environments without careful consideration of the risks associated with
|
||||
the use of experimental operating system features.
|
||||
.Ss Kernel Objects Supported by the Framework
|
||||
The MAC framework manages labels on a variety of types of in-kernel
|
||||
objects, including process credentials, vnodes, devfs_dirents, mount
|
||||
@ -232,13 +224,6 @@ Additional contributors include:
|
||||
and
|
||||
.An Tim Robbins .
|
||||
.Sh BUGS
|
||||
See the earlier section in this document concerning appropriateness
|
||||
for production use.
|
||||
The
|
||||
.Tn TrustedBSD
|
||||
MAC Framework is considered experimental in
|
||||
.Fx .
|
||||
.Pp
|
||||
While the MAC Framework design is intended to support the containment of
|
||||
the root user, not all attack channels are currently protected by entry
|
||||
point checks.
|
||||
|
Loading…
Reference in New Issue
Block a user