PERFORCE change 35396 for review
Robert Watson
rwatson at FreeBSD.org
Sat Aug 2 17:05:49 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=35396
Change 35396 by rwatson at rwatson_paprika on 2003/08/02 10:04:50
Updates to the MAC section of the Sec Arch.
Affected files ...
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/secarch/chapter.sgml#3 edit
Differences ...
==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/secarch/chapter.sgml#3 (text+ko) ====
@@ -2752,10 +2752,23 @@
<title>Mandatory Access Control</title>
<para>As of FreeBSD 5.0, experimental support for Mandatory Access
Control (MAC) provided by the TrustedBSD Project has been
- integrated into the operating system. The kernel supports a
- flexible MAC Framework permitting policy modules to augment
- the kernel security policy, as well as maintain security
- labeling information on a variety of system objects.</para>
+ integrated into the operating system.
+ The kernel may be compiled with <literal>options MAC</literal>
+ to enable a pluggable labeled access control framework.
+ The MAC Framework permits policy modules to augment the kernel
+ security policy, as well as maintain security labeling
+ information on a variety of system objects.
+ Common infrastructure provided by the Framework include
+ the ability to augment critical system security decisions,
+ a policy-agnostic security labeling service, composition of
+ simultaneously loaded policies, and system calls and APIs for
+ application management of labels.
+ The MAC Framework is capable of supporting policy modules
+ implementing a broad range of access control policies, including
+ hardening changes to the base FreeBSD policy, Biba integrity,
+ MLS confidentiality, RBAC, Type Enforcement, and many
+ more.</para>
+
<para>
mac.conf:
default MAC labels to show for various objects, including
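Review bot: subject-verb agreement in the added sentence "Common infrastructure provided by the Framework include": "infrastructure" is singular, so this should read "includes". The closing "and many more" after Biba, MLS, RBAC and Type Enforcement is vague for an architecture chapter; either end the list at Type Enforcement or say that the shipped policy modules are described later in the section. The paragraph now tells the reader to build the kernel with <literal>options MAC</literal> and also speaks of "simultaneously loaded policies", but it never says whether policy modules have to be compiled in or can be loaded into a running kernel; one sentence on that would make it clear when the policy set is fixed.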
@@ -2770,30 +2783,114 @@
third party models, including sebsd
</para>
-<para>
-Common facilities for MAC policies, including labeling, access control,
-labeling, utilities, etc.
-</para>
+ <variablelist>
+ <varlistentry>
+ <term>mac_biba</term>
+ <listitem>
+ <para>Biba data integrity policy; makes use of information
+ labeling and flow control to prevent violation of system
+ integrity constraints.
+ Security labels on subjects and objects include both
+ hierarchal (ordered) and non-hierarchal (compartmented)
+ components.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_bsdextended</term>
+ <listitem>
+ <para>File system firewall policy; maintains a rule set
+ placing restrictions on file system access based on
+ existing security parameters, such as process uid, gids,
+ and file owner and group.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_ifoff</term>
+ <listitem>
+ <para>Interface silencing policy; controls the incoming and
+ outgoing flow of packets via network interfaces.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_lomac</term>
+ <listitem>
+ <para>Low-Watermark Mandatory Access Control (LOMAC) policy;
+ as with Biba, a labeled integrity policy, but making use
+ of floating subject labels which downgrade based on
+ access to information of lower integrity.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_mls</term>
+ <listitem>
+ <para>Multi-Level Security (MLS) confidentiality policy;
+ implements the classing MLS MAC policy, providing both
+ hierarchal levels and non-hierarchal compartments to
+ control the flow of information to unauthorized
+ parties.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_none</term>
+ <listitem>
+ <para>Null policy used for performance testing purposes.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_partition</term>
+ <listitem>
+ <para>Simple system partition policy controlling inter-process
+ visibility based on administrator-defined security
+ partitions.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_portacl</term>
+ <listitem>
+ <para>IP port access control list policy; implements controls
+ on system calls requesting the assignment of specific
+ UDP and TCP port numbers.
+ Intended for use with systems that no longer require root
+ privilege to bind low port numbers.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>mac_seeotheruids</term>
+ <listitem>
+ <para>Inter-process visibility policy; controls whether users
+ are permitted to see (and otherwise interact) with processes
+ owned by other users.</para>
+ </listitem>
+ </varlistentry>
-<para>
-various security models:
+ <varlistentry>
+ <term>mac_stub</term>
+ <listitem>
+ <para>Prototype policy containing stub implementations of all
+ entry points; intended for use by developers of new system
+ policies.</para>
+ </listitem>
+ </varlistentry>
-mac(4) - Mandatory Access Control
-mac_biba(4) - Biba data integrity policy
-mac_bsdextended(4) - file system firewall policy
-mac_ifoff(4) - interface silencing policy
-mac_lomac(4) - Low-watermark Mandatory Access Control data integrity policy
-mac_mls(4) - Multi-Level Security confidentiality policy
-mac_none(4) - sample MAC policy module
-mac_partition(4) - process partition policy
-mac_portacl(4) - network port access control policy
-mac_seeotheruids(4) - simple policy controlling whether users see other users
-mac_test(4) - MAC framework testing policy
-</para>
+ <varlistentry>
+ <term>mac_test</term>
+ <listitem>
+ <para>Internal assertion testing policy for the MAC Framework;
+ intended to assist in the testing of the correctness of the
+ Framework.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
</sect2>
-
</sect1>
-
</chapter>
<!--
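Review bot: typo in the mac_mls entry, "implements the classing MLS MAC policy" should read "classic". In the mac_biba and mac_mls entries, "hierarchal" and "non-hierarchal" should be "hierarchical" and "non-hierarchical". In mac_seeotheruids the parenthesis is misplaced in "to see (and otherwise interact) with processes"; it should read "to see (and otherwise interact with) processes". The plain list being removed carried the manual section on every name (mac_biba(4), mac_portacl(4), ...) and an entry for mac(4) itself, and the new <term> elements drop both, so please keep the section 4 references so readers can get from this chapter to the man pages. The mac_portacl text says it is "Intended for use with systems that no longer require root privilege to bind low port numbers" without saying how a system is put into that state; since that is a precondition the administrator has to arrange, name the setting or point to where it is documented. The hunk also removes the blank lines between </sect2>, </sect1> and </chapter>, which looks unrelated to the MAC text and could be left out of this change.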