Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 1 Aug 2002 08:37:12 -0700 (PDT)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src/sys/kern vfs_syscalls.c
Message-ID:  <200208011537.g71FbCEa080408@freefall.freebsd.org>
index | next in thread | raw e-mail 

rwatson     2002/08/01 08:37:12 PDT

  Modified files:
    sys/kern             vfs_syscalls.c 
  Log:
  Introduce support for Mandatory Access Control and extensible
  kernel access control.
  
  Invoke appropriate MAC entry points to authorize the following
  operations:
  
          truncate on open()                      (write)
          access()                                (access)
          readlink()                              (readlink)
          chflags(), lchflags(), fchflags()       (setflag)
          chmod(), fchmod(), lchmod()             (setmode)
          chown(), fchown(), lchown()             (setowner)
          utimes(), lutimes(), futimes()          (setutimes)
          truncate(), ftrunfcate()                (write)
          revoke()                                (revoke)
          fhopen()                                (open)
          truncate on fhopen()                    (write)
          extattr_set_fd, extattr_set_file()      (setextattr)
          extattr_get_fd, extattr_get_file()      (getextattr)
          extattr_delete_fd(), extattr_delete_file() (setextattr)
  
  These entry points permit MAC policies to enforce a variety of
  protections on vnodes.  More vnode checks to come, especially in
  non-native ABIs.
  
  Obtained from:  TrustedBSD Project
  Sponsored by:   DARPA, NAI Labs
  
  Revision  Changes    Path
  1.277     +95 -10    src/sys/kern/vfs_syscalls.c

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208011537.g71FbCEa080408>