mac_mls mac_biba mac_lomac patches to fix ptys_equal mib support
for new /dev/pts in FreeBSD 8
Robert Watson
rwatson at FreeBSD.org
Sat Mar 6 16:52:52 UTC 2010
On Tue, 2 Mar 2010, Selphie Keller wrote:
> - (2) Could you let me know how your login.conf + user labels are
> configured, and show me the output of "ps -axZ | grep sshd"?
>
> /etc/login.conf label configurations I use
>
> Staff users: label=mls/2(low-high)
> Deamons: label=mls/equal(equal-equal)
> Insecure users: label=mls/low(low-low)
>
> If you need the exact data from login.conf I can provide it, but is a bit
> tricky as I use tc= to call from one class to another class and override, in
> which default class is mls/low.
Am I right in thinking that you have security.mac.biba.revocation_enabled
and/or security.mac.mls.revocation_enabled set? Revocation being enabled
might explain why you're seeing this issue, but other users aren't reporting
problems.
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the freebsd-hackers
mailing list