PERFORCE change 20064 for review

Robert Watson rwatson at freebsd.org
Thu Oct 24 19:17:28 GMT 2002 

Note that this is arguably incorrect for all policies but LOMAC, since
"fail stop" is the desired behavior for Biba, MLS, SELinux, and others.
This is why I changed the default for cow to off.  We should look into a
way to provide both what LOMAC and the other policies need, perhaps by
having two entry points: one for the purpose of downgrading with COW, one
without.  In particular, pay attention to cases like:

	LOMAC wants to downgrade write to read-only
	Biba wants to remove write entirely

The desired composition in this case is probably the Biba result.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org      Network Associates Laboratories

On Thu, 24 Oct 2002, Brian Feldman wrote:

> http://perforce.freebsd.org/chv.cgi?CH=20064
> 
> Change 20064 by green at green_laptop_2 on 2002/10/24 11:42:34
> 
> 	Change default MAC VM permissions to:
> 	
> 	security.mac.enforce_vm: 1
> 	security.mac.mmap_revocation: 0
> 	security.mac.mmap_revocation_via_cow: 1
> 
> Affected files ...
> 
> .. //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#327 edit
> 
> Differences ...
> 
> ==== //depot/projects/trustedbsd/mac/sys/kern/kern_mac.c#327 (text+ko) ====
> 
> @@ -142,7 +142,7 @@
>      &mac_enforce_sysctl, 0, "Enforce MAC policy on sysctl operations");
>  TUNABLE_INT("security.mac.enforce_sysctl", &mac_enforce_sysctl);
>  
> -static int	mac_enforce_vm = 0;
> +static int	mac_enforce_vm = 1;
>  SYSCTL_INT(_security_mac, OID_AUTO, enforce_vm, CTLFLAG_RW,
>      &mac_enforce_vm, 0, "Enforce MAC policy on vm operations");
>  TUNABLE_INT("security.mac.enforce_vm", &mac_enforce_vm);
> @@ -157,7 +157,7 @@
>  SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation, CTLFLAG_RW,
>      &mac_mmap_revocation, 0, "Revoke mmap access to files on subject "
>      "relabel");
> -static int	mac_mmap_revocation_via_cow = 0;
> +static int	mac_mmap_revocation_via_cow = 1;
>  SYSCTL_INT(_security_mac, OID_AUTO, mmap_revocation_via_cow, CTLFLAG_RW,
>      &mac_mmap_revocation_via_cow, 0, "Revoke mmap access to files via "
>      "copy-on-write semantics, or by removing all write access");
> 

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

More information about the trustedbsd-cvs mailing list