Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 5 Mar 2003 20:47:47 -0800 (PST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/sys mac.h mac_policy.h src/sys/alpha/alpha sys_machdep.c src/sys/i386/i386 sys_machdep.c src/sys/kern kern_mac.c
Message-ID:  <200303060447.h264llux045636@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help 

rwatson     2003/03/05 20:47:47 PST

  FreeBSD src repository

  Modified files:
    sys/sys              mac.h mac_policy.h 
    sys/alpha/alpha      sys_machdep.c 
    sys/i386/i386        sys_machdep.c 
    sys/kern             kern_mac.c 
  Log:
  Instrument sysarch() MD privileged I/O access interfaces with a MAC
  check, mac_check_sysarch_ioperm(), permitting MAC security policy
  modules to control access to these interfaces.  Currently, they
  protect access to IOPL on i386, and setting HAE on Alpha.
  Additional checks might be required on other platforms to prevent
  bypass of kernel security protections by unauthorized processes.
  
  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, Network Associates Laboratories
  
  Revision  Changes    Path
  1.22      +9 -0      src/sys/alpha/alpha/sys_machdep.c
  1.79      +6 -0      src/sys/i386/i386/sys_machdep.c
  1.81      +12 -0     src/sys/kern/kern_mac.c
  1.36      +1 -0      src/sys/sys/mac.h
  1.36      +1 -0      src/sys/sys/mac_policy.h

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200303060447.h264llux045636>