From owner-freebsd-doc@FreeBSD.ORG Mon May 10 14:52:22 2004 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D694916A4CE; Mon, 10 May 2004 14:52:22 -0700 (PDT) Received: from tatiana.utanet.at (tatiana.utanet.at [213.90.36.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4845743D31; Mon, 10 May 2004 14:52:21 -0700 (PDT) (envelope-from josef@jenny.daemon.li) Received: from plenty.utanet.at ([213.90.36.9]) by tatiana.utanet.at with esmtp (Exim 4.12) id 1BNIhA-0000KT-00; Mon, 10 May 2004 23:52:20 +0200 Received: from dsl-245-120.utaonline.at ([212.152.245.120] helo=jenny.daemon.li) by plenty.utanet.at with esmtp (Exim 4.12) id 1BNIh9-00032X-00; Mon, 10 May 2004 23:52:19 +0200 Received: by jenny.daemon.li (Postfix, from userid 1001) id BDABD446C; Mon, 10 May 2004 23:53:09 +0200 (CEST) Date: Mon, 10 May 2004 23:53:09 +0200 From: Josef El-Rayes To: Tom Rhodes Message-ID: <20040510215309.GA677@jenny.daemon.li> References: <20040510165153.37575e53@localhost> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XF85m9dhOBO43t/C" Content-Disposition: inline In-Reply-To: <20040510165153.37575e53@localhost> User-Agent: Mutt/1.4.2.1i X-Operating-System: FreeBSD 5.2.1-RELEASE-p4 cc: FreeBSD-doc@FreeBSD.org cc: Robert Watson Subject: Re: [REVIEW REQUEST]: New chapter on MAC (draft) X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 May 2004 21:52:23 -0000 --XF85m9dhOBO43t/C Content-Type: multipart/mixed; boundary="CE+1k2dSO48ffgeK" Content-Disposition: inline --CE+1k2dSO48ffgeK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Tom Rhodes wrote: > Hey FreeBSD-doc, >=20 > I've written a new chapter for the handbook on implementing the > MAC features in 5.X. It includes configuration, testing, module > description that augments the section we already have, and shows > examples of the policies. >=20 > I'm not worried about whitespace right now, only correctness in the > information presented, markup, and wording. hi tom! i had a look at your work and found 4 very minor mistakes. i attach my patch. greets, josef ps: looks very nice, both the framework and the documentation, looks like i have to test this soon :) --=20 Josef El-Rayes (__) Email: josef@daemon.li \\\'',)=20 Web: http://daemon.li/ \/ \ ^ FreeBSD: josef@FreeBSD.org .\._/_) --CE+1k2dSO48ffgeK Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="chapter.sgml.diff" Content-Transfer-Encoding: quoted-printable --- chapter.sgml.orig Mon May 10 23:08:53 2004 +++ chapter.sgml Mon May 10 23:50:01 2004 @@ -24,14 +24,14 @@ Mandatory Access Controls =20 With security requirements on a rise throughout much of the - the world, the demand for a more secure environment has + world, the demand for a more secure environment has increased. It is from this demand that the TrustedBSD project was founded with nothing more than security in mind. The - TrustedBSD project has aimed at developing userland utilities and ker= nel + TrustedBSD project aimes at developing userland utilities and kernel interfaces, based on the POSIX.1e standard, and me= rging it back to &os; 5.X. While still in the development stage, many of the features are nearing production stability. Some of - those include file system access control lists + those include file system Access Control Lists (ACLs) and Mandatory Access Control (MAC) mechanisms. =20 @@ -1147,7 +1147,7 @@ =20 The MAC version of the Low-watermark integrity policy, not to be confused with the older &man.lomac.4; - implementation, works almost identical to Biba but with a the + implementation, works almost identical to Biba but with the exception of using floating labels to support subject demotion via an auxiliary grade compartment. This secondary compartment takes the form of [auxgrade]. When assigning a @@ -1635,4 +1635,4 @@ sgml-always-quote-attributes: t sgml-parent-document: ("../book.sgml" "part" "chapter") End: ---> \ No newline at end of file +--> --CE+1k2dSO48ffgeK-- --XF85m9dhOBO43t/C Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iQEVAwUBQJ/5xVnFItmnnbU8AQK0AAf/dxePMAKFPGNc2ACNNfcGU0+iwslwLQSc KAk1l2Gg1bpIzDsw0c1pS360e5k9RCDJ2S41rqcMsWSL7u6lq1W+kJwBCTzm0Y/l Z4rN/I5btgCFyh4PzId0SfYgXLlo/0NNFe9jD2OBrEcF8PF/ECYVg1dbXAWvwPNo gWXbfEpJpEahQOfTM1bIzx+AGx8cimqShcYWcJFaHfG1StTug/0X/ifppyq8CsJK avPCtra9lwUdfdDK4jYEVV6EFDS4rjBBwyfd7aSOgEwlJDeOCcE5UdNiN+OQ/l6v 5V6kxIPAzlhqLtrYNT2zeXpHA8ymH1iwIANnsMqMeJNhXvw12lxgPw== =QGqC -----END PGP SIGNATURE----- --XF85m9dhOBO43t/C--