From owner-freebsd-doc@FreeBSD.ORG Tue Jun 22 01:06:39 2004 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2069916A4CE; Tue, 22 Jun 2004 01:06:39 +0000 (GMT) Received: from pittgoth.com (14.zlnp1.xdsl.nauticom.net [209.195.149.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9EBED43D48; Tue, 22 Jun 2004 01:06:38 +0000 (GMT) (envelope-from trhodes@FreeBSD.org) Received: from localhost.pittgoth.com (acs-24-154-239-234.zoominternet.net [24.154.239.234]) (authenticated bits=0) by pittgoth.com (8.12.11/8.12.11) with ESMTP id i5M16aCh033545 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 21 Jun 2004 21:06:37 -0400 (EDT) (envelope-from trhodes@FreeBSD.org) Date: Mon, 21 Jun 2004 21:07:07 -0400 From: Tom Rhodes To: Brian Fundakowski Feldman Message-Id: <20040621210707.1fdf7bcb@localhost.pittgoth.com> In-Reply-To: <20040622010024.GB5470@green.homeunix.org> References: <20040510174918.146df71c@localhost> <20040511160225.1630f3ee@localhost> <20040622010024.GB5470@green.homeunix.org> X-Mailer: Sylpheed version 0.9.11claws (GTK+ 1.2.10; i386-portbld-freebsd5.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: FreeBSD-doc@FreeBSD.org cc: trustedbsd-discuss@TrustedBSD.org Subject: Re: [REVIEW REQUEST]: New chapter on MAC (draft) X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 01:06:39 -0000 On Mon, 21 Jun 2004 21:00:24 -0400 Brian Fundakowski Feldman wrote: Whats up Brian? :) > On Tue, May 11, 2004 at 04:02:25PM -0400, Tom Rhodes wrote: > > On Mon, 10 May 2004 17:49:18 -0400 > > Tom Rhodes wrote: > > > > Updated with comments from this list and a few in private. > > > > Check it out: > > > > > Check out the built chapter at: > > > http://people.freebsd.org/~trhodes/mac/mac.html > > > > > > Check out the source at: > > > http://people.freebsd.org/~trhodes/mac/chapter.sgml > > Very nice job! Here are my notes on what I've read: > > 1. In 11.4.1.1, a '/' is missing in the label setting. Can't remember if I fixed this or not. > 2. In 11.4.2 "The Singlelabel" seems syntactically strange, as does > "swap file system." Fixed, > 3. In 11.4.3, perhaps "sysctl -d security.mac" would be better. Hmmm, good point. > 4. The 11.10.1 section seems to end prematurely. I think this has been fixed, > 5. "Sensibility" should be "sensitivity" in 11.11. Why is the number > "six thousand" specifically mentioned? Random pull out of my ass. > 6. In 11.13, the behavior of auxiliary-labeled directories should > be explained. Specifically, this allows creation of directories > with one grade that allow objects, of the auxiliary grade, to be > created in them -- sort of like "sticky directories." For exec, > it results in something similar to "setuid execution." > Noted, I'll probably fix this later. Note that I already committed a version to doc/ but it was a lot better than this version. :) Thanks for the review, sorry I already fixed it. -- Tom Rhodes