PERFORCE change 37035 for review
cvance at FreeBSD.org
Wed Aug 27 20:00:06 GMT 2003
Change 37035 by cvance at cvance_release on 2003/08/27 12:59:40
Newrole program, based on the version from SELinux, but almost
completely re-written. This should be considered "early access"
code, it still has quite a few known defects, but the base
functionality is present.
Note: ttys are NOT relabeled appropriately yet (working on it).
Note: if you don't specify a type on the command line, it will
try to find an appropriate one by consulting
/etc/security/sebsd/default_type (which isn't installed by default)
Note: I don't fully understand PAM. I used PAM for authentication.
This might not be done right (requires that the program is setuid?)
Note: The SELinux counterpart did some weird fork & exec business,
whereas I just mac_execve over the current program.
Affected files ...
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/Makefile#1 add
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.1#1 add
.. //depot/projects/trustedbsd/sebsd/usr.sbin/sebsd_newrole/sebsd_newrole.c#1 add
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs