PERFORCE change 92288 for review
millert at FreeBSD.org
Thu Feb 23 11:34:45 PST 2006
Change 92288 by millert at millert_g4tower on 2006/02/23 19:33:16
Update errata list
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/ERRATA#3 edit
==== //depot/projects/trustedbsd/sedarwin7/ERRATA#3 (text+ko) ====
@@ -1,8 +1,8 @@
-Port of TrustedBSD MAC Framework to Darwin 10.3.3
+Port of TrustedBSD MAC Framework to Darwin 10.3.8
-15204 Omega Drive, Suite 300
-Rockville, MD 20850
+7075 Samuel Morse Drive
+Columbia, MD 21046-3401
The following known issues are present in this release:
@@ -28,15 +28,24 @@
provides /dev/fd entries on darwin instead of implementing this
- 66: Panic with a zalloc: the ipctrace seems to be leaking memory with
- port labels and the system will panic after a running for a while.
76: If a filesystem makes symbolic links from a partition that is
using extended attributes into a file system that is not using
extended attributes, the system will eventually deadlock.
+ 89: SEDarwin policy rejecting access to /dev/null when it should
+ not. Is the general_file_write_access macro not being applied
+ to users?
91: Users who create and attach new disk images cannot then access them.
+ 93: After reboot, the first time a user logs in, after entering correct
+ user name and password an alert pops up that says:
+ You cannot continue logging in at this time. There is a
+ problem that prevents you from logging in at this time.
+ Please contact your system administrator for help.
+ After clicking OK the MAC login plug-in box comes up and the
+ user may login normally.
98: HFS+ ignores mac_associate_vnode_extattr() failure. HFS+
currently ignores failures in mac_associate_vnode_extattr(), so a
failure to load critical extended attributes by a policy might
@@ -72,7 +81,16 @@
VOP_IOCTL vector. A MAC Framework access control check needs to
be inserted here.
-147: Panic with a bad v_usecount for a vnode during vnreclaim(). This
- occurs under a heavy load of combined auditing and file
- operations. The stack trace always reflects a problem in the
- lstat() system call. It's possible that this is a vendor defect.
+238: Currently the port label of a label handle is unused. This
+ could (and probably should) be used to implement access control
+ (label visibility). The port label would start out with the
+ same value as the object label but we should provide methods
+ to get/set this label. Security server methods that return a
+ label handle or text label can use the port label for access
+239: The SLOT() macro may return NULL in the SEDarwin policy. This
+ causes a panic in sebsd_externalize_cred_label() when the port
+ that holds the label has already been destroyed. There appears
+ to be a missing lock or out of order operation since we should
+ not be trying to externalized a dead port.
More information about the trustedbsd-cvs