| mac_portacl.4 (131530) | mac_portacl.4 (138563) |
|---|---|
| 1.\" Copyright (c) 2003 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris Costello 5.\" at Safeport Network Services and Network Associates Labs, the 6.\" Security Research Division of Network Associates, Inc. under 7.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 8.\" DARPA CHATS research program. --- 14 unchanged lines hidden (view full) --- 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" | 1.\" Copyright (c) 2003 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris Costello 5.\" at Safeport Network Services and Network Associates Labs, the 6.\" Security Research Division of Network Associates, Inc. under 7.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 8.\" DARPA CHATS research program. --- 14 unchanged lines hidden (view full) --- 23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29.\" SUCH DAMAGE. 30.\" |
| 31.\" $FreeBSD: head/share/man/man4/mac_portacl.4 131530 2004-07-03 18:29:24Z ru $ | 31.\" $FreeBSD: head/share/man/man4/mac_portacl.4 138563 2004-12-08 15:58:38Z trhodes $ |
| 32.\" 33.Dd February 13, 2004 34.Dt MAC_PORTACL 4 35.Os 36.Sh NAME 37.Nm mac_portacl 38.Nd "network port access control policy" 39.Sh SYNOPSIS --- 158 unchanged lines hidden (view full) --- 198port). 199.El 200.It Va security.mac.portacl.suser_exempt 201Allow superuser (i.e., root) to bind to all 202.Nm 203protected ports, even if the port access control list does not 204explicitly allow this. 205(Default: 1). | 32.\" 33.Dd February 13, 2004 34.Dt MAC_PORTACL 4 35.Os 36.Sh NAME 37.Nm mac_portacl 38.Nd "network port access control policy" 39.Sh SYNOPSIS --- 158 unchanged lines hidden (view full) --- 198port). 199.El 200.It Va security.mac.portacl.suser_exempt 201Allow superuser (i.e., root) to bind to all 202.Nm 203protected ports, even if the port access control list does not 204explicitly allow this. 205(Default: 1). |
| 206.It Va security.mac.portacl.autoport_exempt 207Allow applications to use automatic binding to port 0. 208Often applications will use port 0 as a request for 209automatic port allocation before binding an IP address to 210a socket. This tunable will exempt port 0 allocation from 211rule checking when a low port is required and 212.Dv IP_PORTRANGELOW 213is set to a value above 1. |
|
| 206.El 207.Sh SEE ALSO 208.Xr mac 3 , 209.Xr ip 4 , 210.Xr mac_biba 4 , 211.Xr mac_bsdextended 4 , 212.Xr mac_ifoff 4 , 213.Xr mac_mls 4 , --- 19 unchanged lines hidden --- | 214.El 215.Sh SEE ALSO 216.Xr mac 3 , 217.Xr ip 4 , 218.Xr mac_biba 4 , 219.Xr mac_bsdextended 4 , 220.Xr mac_ifoff 4 , 221.Xr mac_mls 4 , --- 19 unchanged lines hidden --- |