cvs commit: src/sys/conf files src/sys/security/audit
audit_syscalls.c src/sys/security/mac mac_audit.c mac_framework.h
mac_policy.h src/sys/security/mac_biba mac_biba.c
src/sys/security/mac_bsdextended mac_bsdextended.c
src/sys/security/mac_lomac ...
Robert Watson
rwatson at FreeBSD.org
Sat Apr 21 22:08:49 UTC 2007
rwatson 2007-04-21 22:08:48 UTC
FreeBSD src repository
Modified files:
sys/conf files
sys/security/audit audit_syscalls.c
sys/security/mac mac_framework.h mac_policy.h
sys/security/mac_biba mac_biba.c
sys/security/mac_bsdextended mac_bsdextended.c
sys/security/mac_lomac mac_lomac.c
sys/security/mac_mls mac_mls.c
sys/security/mac_stub mac_stub.c
sys/security/mac_test mac_test.c
Added files:
sys/security/mac mac_audit.c
Log:
Allow MAC policy modules to control access to audit configuration system
calls. Add MAC Framework entry points and MAC policy entry points for
audit(), auditctl(), auditon(), setaudit(), aud setauid().
MAC Framework entry points are only added for audit system calls where
additional argument context may be useful for policy decision-making; other
audit system calls without arguments may be controlled via the priv(9)
entry points.
Update various policy modules to implement audit-related checks, and in
some cases, other missing system-related checks.
Obtained from: TrustedBSD Project
Sponsored by: SPARTA, Inc.
Revision Changes Path
1.1197 +1 -0 src/sys/conf/files
1.14 +44 -0 src/sys/security/audit/audit_syscalls.c
1.1 +101 -0 src/sys/security/mac/mac_audit.c (new)
1.79 +6 -0 src/sys/security/mac/mac_framework.h
1.87 +14 -0 src/sys/security/mac/mac_policy.h
1.102 +46 -0 src/sys/security/mac_biba/mac_biba.c
1.35 +27 -0 src/sys/security/mac_bsdextended/mac_bsdextended.c
1.46 +63 -1 src/sys/security/mac_lomac/mac_lomac.c
1.83 +40 -0 src/sys/security/mac_mls/mac_mls.c
1.62 +45 -4 src/sys/security/mac_stub/mac_stub.c
1.70 +60 -3 src/sys/security/mac_test/mac_test.c
More information about the cvs-src
mailing list