Date: Mon, 21 Oct 2002 11:42:01 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/sys mac.h src/sys/security/mac_biba mac_biba.c mac_biba.h src/sys/security/mac_mls mac_mls.c mac_mls.h Message-ID: <200210211842.g9LIg1e6023829@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2002/10/21 11:42:01 PDT Modified files: sys/sys mac.h sys/security/mac_biba mac_biba.c mac_biba.h sys/security/mac_mls mac_mls.c mac_mls.h Log: Add compartment support to Biba and MLS policies. The logic of the policies remains the same: subjects and objects are labeled for integrity or sensitivity, and a dominance operator determines whether or not subject/object accesses are permitted to limit inappropriate information flow. Compartments are a non-hierarchal component to the label, so add a bitfield to the label element for each, and a set check as part of the dominance operator. This permits the implementation of "need to know" elements of MLS. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories Revision Changes Path 1.24 +58 -16 src/sys/security/mac_biba/mac_biba.c 1.2 +11 -1 src/sys/security/mac_biba/mac_biba.h 1.22 +58 -16 src/sys/security/mac_mls/mac_mls.c 1.2 +11 -1 src/sys/security/mac_mls/mac_mls.h 1.15 +4 -0 src/sys/sys/mac.h To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210211842.g9LIg1e6023829>