2087a58ca2
privilege grants so that dtrace can be more easily used to monitor the security decisions being generated by the MAC Framework following policy invocation. Successful access control checks will be reported by: mac_framework:kernel:<entrypoint>:mac_check_ok Failed access control checks will be reported by: mac_framework:kernel:<entrypoint>:mac_check_err Successful privilege grants will be reported by: mac_framework:kernel:priv_grant:mac_grant_ok Failed privilege grants will be reported by: mac_framework:kernel:priv_grant:mac_grant_err In all cases, the return value (always 0 for _ok, otherwise an errno for _err) will be reported via arg0 on the probe, and subsequent arguments will hold entrypoint-specific data, in a style similar to privilege tracing. Obtained from: TrustedBSD Project Sponsored by: Google, Inc. |
||
---|---|---|
.. | ||
audit | ||
mac | ||
mac_biba | ||
mac_bsdextended | ||
mac_ifoff | ||
mac_lomac | ||
mac_mls | ||
mac_none | ||
mac_partition | ||
mac_portacl | ||
mac_seeotheruids | ||
mac_stub | ||
mac_test |