653f637c44
permit MAC policies to augment the security protections on sysctl() operations. This is not really a wonderful entry point, as we only have access to the MIB of the target sysctl entry, rather than the more useful entry name, but this is sufficient for policies like Biba that wish to use their notions of privilege or integrity to prevent inappropriate sysctl modification. Affects MAC kernels only. Since SYSCTL_LOCK isn't in sysctl.h, just kern_sysctl.c, we can't assert the SYSCTL subsystem lockin the MAC Framework. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories |
||
---|---|---|
.. | ||
lomac | ||
mac | ||
mac_biba | ||
mac_bsdextended | ||
mac_ifoff | ||
mac_mls | ||
mac_none | ||
mac_partition | ||
mac_seeotheruids | ||
mac_stub | ||
mac_test |