| mac_bsdextended.4 (115211) | mac_bsdextended.4 (115643) |
|---|---|
| 1.\" Copyright (c) 2002 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris Costello 5.\" at Safeport Network Services and Network Associates Laboratories, the 6.\" Security Research Division of Network Associates, Inc. under 7.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 8.\" DARPA CHATS research program. --- 14 unchanged lines hidden (view full) --- 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" | 1.\" Copyright (c) 2002 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris Costello 5.\" at Safeport Network Services and Network Associates Laboratories, the 6.\" Security Research Division of Network Associates, Inc. under 7.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 8.\" DARPA CHATS research program. --- 14 unchanged lines hidden (view full) --- 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" |
| 31.\" $FreeBSD: head/share/man/man4/mac_bsdextended.4 115211 2003-05-21 15:55:40Z ru $ 32.Dd OCTOBER 16, 2002 | 31.\" $FreeBSD: head/share/man/man4/mac_bsdextended.4 115643 2003-06-01 21:52:59Z ru $ 32.\" 33.Dd October 16, 2002 |
| 33.Os 34.Dt MAC_BSDEXTENDED 4 35.Sh NAME 36.Nm mac_bsdextended | 34.Os 35.Dt MAC_BSDEXTENDED 4 36.Sh NAME 37.Nm mac_bsdextended |
| 37.Nd file system firewall policy | 38.Nd "file system firewall policy" |
| 38.Sh SYNOPSIS 39To compile the file system firewall policy into your kernel, 40place the following lines in your kernel configuration file: | 39.Sh SYNOPSIS 40To compile the file system firewall policy into your kernel, 41place the following lines in your kernel configuration file: |
| 42.Bd -ragged -offset indent |
|
| 41.Cd "options MAC" 42.Cd "options MAC_BSDEXTENDED" | 43.Cd "options MAC" 44.Cd "options MAC_BSDEXTENDED" |
| 45.Ed |
|
| 43.Pp 44Alternately, to load the file system firewall policy module at boot time, 45place the following line in your kernel configuration file: | 46.Pp 47Alternately, to load the file system firewall policy module at boot time, 48place the following line in your kernel configuration file: |
| 49.Bd -ragged -offset indent |
|
| 46.Cd "options MAC" | 50.Cd "options MAC" |
| 51.Ed |
|
| 47.Pp 48and in 49.Xr loader.conf 5 : | 52.Pp 53and in 54.Xr loader.conf 5 : |
| 50.Cd mac_bsdextended_load= Ns \&"YES" | 55.Bd -literal -offset indent 56mac_bsdextended_load="YES" 57.Ed |
| 51.Sh DESCRIPTION 52The 53.Nm 54interface provides an interface for the system administrator 55to impose mandatory rules regarding users and some system objects. 56Rules are uploaded to the module 57(typically using 58.Xr ugidfw 8 , --- 27 unchanged lines hidden (view full) --- 86.Xr mac_test 4 , 87.Xr ugidfw 8 , 88.Xr mac 9 89.Sh HISTORY 90The 91.Nm 92policy module first appeared in 93.Fx 5.0 | 58.Sh DESCRIPTION 59The 60.Nm 61interface provides an interface for the system administrator 62to impose mandatory rules regarding users and some system objects. 63Rules are uploaded to the module 64(typically using 65.Xr ugidfw 8 , --- 27 unchanged lines hidden (view full) --- 93.Xr mac_test 4 , 94.Xr ugidfw 8 , 95.Xr mac 9 96.Sh HISTORY 97The 98.Nm 99policy module first appeared in 100.Fx 5.0 |
| 94and was developed by the TrustedBSD Project. | 101and was developed by the 102.Tn TrustedBSD 103Project. |
| 95.Sh AUTHORS 96This software was contributed to the 97.Fx 98Project by NAI Labs, the Security Research Division of Network Associates | 104.Sh AUTHORS 105This software was contributed to the 106.Fx 107Project by NAI Labs, the Security Research Division of Network Associates |
| 99Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), | 108Inc. under DARPA/SPAWAR contract N66001-01-C-8035 109.Pq Dq CBOSS , |
| 100as part of the DARPA CHATS research program. | 110as part of the DARPA CHATS research program. |