PERFORCE change 24682 for review

Adam Migus amigus at freebsd.org
Wed Feb 5 06:41:23 GMT 2003


http://perforce.freebsd.org/chv.cgi?CH=24682

Change 24682 by amigus at amigus_ludo on 2003/02/04 22:41:00

	IFC (one minute too early last time).

Affected files ...

.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#2 edit
.. //depot/user/amigus/amigus_mac/sys/security/mac_biba/mac_biba.c#14 integrate

Differences ...

==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#2 (text+ko) ====

@@ -1,4 +1,4 @@
-$P4: //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#1 $
+$P4: //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/sec-arch/OUTLINE.TrustedBSD#2 $
 
 This document outlines the Security Architecture (WIP).  As time progresses
 and more of the document becomes written, each entry in the outline will
@@ -21,9 +21,16 @@
 	2. Security-Related Definitions
 		2.1. Security Policy
 		2.2. Subjects and Objects
-		2.3. MAC
-		2.4. DAC
-		2.5. ... (more to come as they "come up")
+		2.3  Security Models (introduce next section).
+II. Security Models
+	3. MAC
+	4. DAC
+	5. Implementations in UNIX
+		- DAC and MAC.
+		- Lots of references.
+			2.3.4 Conflicts/Collisions (very brief)
+				- Mention further research required to
+				  understand he implications/requirements.
 II. Kernel Security ("Kernel Security Model?")
 	3. Kernel Security Policy[footnote 1]
 		3.1. [UN] Regarding suser, the root user, etc.

==== //depot/user/amigus/amigus_mac/sys/security/mac_biba/mac_biba.c#14 (text+ko) ====

@@ -95,13 +95,14 @@
     &destroyed_not_inited, 0, "Count of labels destroyed but not inited");
 
 static int	trust_all_interfaces = 0;
-SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RD,
+SYSCTL_INT(_security_mac_biba, OID_AUTO, trust_all_interfaces, CTLFLAG_RW,
     &trust_all_interfaces, 0, "Consider all interfaces 'trusted' by MAC/Biba");
 TUNABLE_INT("security.mac.biba.trust_all_interfaces", &trust_all_interfaces);
 
 static char	trusted_interfaces[128];
-SYSCTL_STRING(_security_mac_biba, OID_AUTO, trusted_interfaces, CTLFLAG_RD,
-    trusted_interfaces, 0, "Interfaces considered 'trusted' by MAC/Biba");
+SYSCTL_STRING(_security_mac_biba, OID_AUTO, trusted_interfaces, CTLFLAG_RW,
+    trusted_interfaces, sizeof(trusted_interfaces),
+    "Interfaces considered 'trusted' by MAC/Biba");
 TUNABLE_STR("security.mac.biba.trusted_interfaces", trusted_interfaces,
     sizeof(trusted_interfaces));
 
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message



More information about the trustedbsd-cvs mailing list