Date: Thu, 24 Oct 2002 15:17:28 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Brian Feldman <green@FreeBSD.org> Cc: Perforce Change Reviews <perforce@FreeBSD.org> Subject: Re: PERFORCE change 20064 for review Message-ID: <Pine.NEB.3.96L.1021024151536.33116B-100000@fledge.watson.org> In-Reply-To: <200210241842.g9OIgpMJ019736@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Note that this is arguably incorrect for all policies but LOMAC, since "fail stop" is the desired behavior for Biba, MLS, SELinux, and others. This is why I changed the default for cow to off. We should look into a way to provide both what LOMAC and the other policies need, perhaps by having two entry points: one for the purpose of downgrading with COW, one without. In particular, pay attention to cases like: LOMAC wants to downgrade write to read-only Biba wants to remove write entirely The desired composition in this case is probably the Biba result. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Thu, 24 Oct 2002, Brian Feldman wrote: > http://perforce.freebsd.org/chv.cgi?CH=20064 > > Change 20064 by green@green_laptop_2 on 2002/10/24 11:42:34 > > Change default MAC VM permissions to: > > security.mac.enforce_vm: 1 > security.mac.mmap_revocation: 0 > security.mac.mmap_revocation_via_cow: 1 > > Affected files ... > > .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#327 edit > > Differences ... > > ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#327 (text+ko) ==== > > @@ -142,7 +142,7 @@ > &mac_enforce_sysctl, 0, "Enforce MAC policy on sysctl operations"); > TUNABLE_INT("security.mac.enforce_sysctl", &mac_enforce_sysctl); > > -static int mac_enforce_vm = 0; > +static int mac_enforce_vm = 1; > SYSCTL_INT(_security_mac, OID_AUTO, enforce_vm, CTLFLAG_RW, > &mac_enforce_vm, 0, "Enforce MAC policy on vm operations"); > TUNABLE_INT("security.mac.enforce_vm", &mac_enforce_vm); > @@ -157,7 +157,7 @@ > SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW, > &mac_mmap_revocation, 0, "Revoke mmap access to files on subject " > "relabel"); > -static int mac_mmap_revocation_via_cow = 0; > +static int mac_mmap_revocation_via_cow = 1; > SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW, > &mac_mmap_revocation_via_cow, 0, "Revoke mmap access to files via " > "copy-on-write semantics, or by removing all write access"); > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1021024151536.33116B-100000>