Enforce minimal file/ dir permissions
Mister Olli
mister.olli at googlemail.com
Tue Jun 17 09:35:01 UTC 2008
hi....
Am Montag, den 16.06.2008, 08:51 -0500 schrieb Jeffrey Goldberg:
> On Jun 16, 2008, at 7:21 AM, Bill Moran wrote:
>
> > Look at MAC and the bsdextended module (filesystem firewall):
> > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac.html
> > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac-bsdextended.html
>
> I've recently been looking at those myself, and while I think that I
> have developed some limited understanding "in principle" about how MAC
> works, I need a great deal more practical guidance. Is there some
> extended tutorial with cookbook or other resource that will actually
> help someone who doesn't fully grok this work out a policy and rules
> that will do more good than harm?
Yeah, I'm currently in the same need of some documentation.
Do you have any hints on that?
I would be happy to extend some, if it exists. or even upload some of my
own documentation/ knowledge to the web ;-))
oh, and does anybody of you know how to express a file mode of 660
(unix) with the 'ugidfw' utility within a rule?
greetz,
olli
More information about the freebsd-questions
mailing list