History log of /freebsd/sys/security/mac_bsdextended/mac_bsdextended.c (Results 101 – 125 of 142)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
Revision tags: release/7.0.0_cvs, release/7.0.0, release/6.3.0_cvs, release/6.3.0
# eb320b0e 29-Oct-2007 Robert Watson <rwatson@FreeBSD.org>

Resort TrustedBSD MAC Framework policy entry point implementations and
declarations to match the object, operation sort order in the framework
itself.

Obtained from: TrustedBSD Project


# 3f1a7a90 25-Oct-2007 Robert Watson <rwatson@FreeBSD.org>

Consistently name functions for mac_<policy> as <policy>_whatever rather
than mac_<policy>_whatever, as this shortens the names and makes the code
a bit easier to read.

When dealing with label struc

Consistently name functions for mac_<policy> as <policy>_whatever rather
than mac_<policy>_whatever, as this shortens the names and makes the code
a bit easier to read.

When dealing with label structures, name variables 'mb', 'ml', 'mm rather
than the longer 'mac_biba', 'mac_lomac', and 'mac_mls', likewise making
the code a little easier to read.

Obtained from: TrustedBSD Project

show more ...


# 30d239bc 24-Oct-2007 Robert Watson <rwatson@FreeBSD.org>

Merge first in a series of TrustedBSD MAC Framework KPI changes
from Mac OS X Leopard--rationalize naming for entry points to
the following general forms:

mac_<object>_<method/action>
mac_<objec

Merge first in a series of TrustedBSD MAC Framework KPI changes
from Mac OS X Leopard--rationalize naming for entry points to
the following general forms:

mac_<object>_<method/action>
mac_<object>_check_<method/action>

The previous naming scheme was inconsistent and mostly
reversed from the new scheme. Also, make object types more
consistent and remove spaces from object types that contain
multiple parts ("posix_sem" -> "posixsem") to make mechanical
parsing easier. Introduce a new "netinet" object type for
certain IPv4/IPv6-related methods. Also simplify, slightly,
some entry point names.

All MAC policy modules will need to be recompiled, and modules
not updates as part of this commit will need to be modified to
conform to the new KPI.

Sponsored by: SPARTA (original patches against Mac OS X)
Obtained from: TrustedBSD Project, Apple Computer

show more ...


# 45e0f3d6 10-Sep-2007 Robert Watson <rwatson@FreeBSD.org>

Rename mac_check_vnode_delete() MAC Framework and MAC Policy entry
point to mac_check_vnode_unlink(), reflecting UNIX naming conventions.

This is the first of several commits to synchronize the MAC

Rename mac_check_vnode_delete() MAC Framework and MAC Policy entry
point to mac_check_vnode_unlink(), reflecting UNIX naming conventions.

This is the first of several commits to synchronize the MAC Framework
in FreeBSD 7.0 with the MAC Framework as it will appear in Mac OS X
Leopard.

Reveiwed by: csjp, Samy Bahra <sbahra at gwu dot edu>
Submitted by: Jacques Vidrine <nectar at apple dot com>
Obtained from: Apple Computer, Inc.
Sponsored by: SPARTA, SPAWAR
Approved by: re (bmah)

show more ...


# 458f818f 05-Jul-2007 Robert Watson <rwatson@FreeBSD.org>

In preparation for 7.0 privilege cleanup, clean up style:

- Sort copyrights by date.
- Re-wrap, and in some cases, fix comments.
- Fix tabbing, white space, remove extra blank lines.
- Remove commen

In preparation for 7.0 privilege cleanup, clean up style:

- Sort copyrights by date.
- Re-wrap, and in some cases, fix comments.
- Fix tabbing, white space, remove extra blank lines.
- Remove commented out debugging printfs.

Approved by: re (kensmith)

show more ...


# c2259ba4 14-Jun-2007 Robert Watson <rwatson@FreeBSD.org>

Include priv.h to pick up suser(9) definitions, missed in an earlier
commit.

Warnings spotted by: kris


# 78007886 23-Apr-2007 Robert Watson <rwatson@FreeBSD.org>

Apply variable name normalization to MAC policies: adopt global conventions
for the naming of variables associated with specific data structures.

Obtained from: TrustedBSD Project


# 18717f69 22-Apr-2007 Robert Watson <rwatson@FreeBSD.org>

Allow MAC policy modules to control access to audit configuration system
calls. Add MAC Framework entry points and MAC policy entry points for
audit(), auditctl(), auditon(), setaudit(), aud setauid

Allow MAC policy modules to control access to audit configuration system
calls. Add MAC Framework entry points and MAC policy entry points for
audit(), auditctl(), auditon(), setaudit(), aud setauid().

MAC Framework entry points are only added for audit system calls where
additional argument context may be useful for policy decision-making; other
audit system calls without arguments may be controlled via the priv(9)
entry points.

Update various policy modules to implement audit-related checks, and in
some cases, other missing system-related checks.

Obtained from: TrustedBSD Project
Sponsored by: SPARTA, Inc.

show more ...


# 7405fcc3 23-Feb-2007 Robert Watson <rwatson@FreeBSD.org>

More unnecessary include reduction.


# d24c76d1 20-Feb-2007 Robert Watson <rwatson@FreeBSD.org>

Move mapping of MBI_APPEND to MBI_WRITE from inside the rule loop in
mac_bsdextended_check() to before the loop, as it needs to happen only
once.

MFC after: 1 week


# c96ae196 06-Feb-2007 Robert Watson <rwatson@FreeBSD.org>

Continue 7-CURRENT MAC Framework rearrangement and cleanup:

Don't perform a nested include of _label.h in mac.h, as mac.h now
describes only the user API to MAC, and _label.h defines the in-kernel

Continue 7-CURRENT MAC Framework rearrangement and cleanup:

Don't perform a nested include of _label.h in mac.h, as mac.h now
describes only the user API to MAC, and _label.h defines the in-kernel
representation of MAC labels.

Remove mac.h includes from policies and MAC framework components that do
not use userspace MAC API definitions.

Add _KERNEL inclusion checks to mac_internal.h and mac_policy.h, as these
are kernel-only include files

Obtained from: TrustedBSD Project

show more ...


Revision tags: release/6.2.0_cvs, release/6.2.0
# 0efd6615 23-Dec-2006 Robert Watson <rwatson@FreeBSD.org>

Move src/sys/sys/mac_policy.h, the kernel interface between the MAC
Framework and security modules, to src/sys/security/mac/mac_policy.h,
completing the removal of kernel-only MAC Framework include f

Move src/sys/sys/mac_policy.h, the kernel interface between the MAC
Framework and security modules, to src/sys/security/mac/mac_policy.h,
completing the removal of kernel-only MAC Framework include files from
src/sys/sys. Update the MAC Framework and MAC policy modules. Delete
the old mac_policy.h.

Third party policy modules will need similar updating.

Obtained from: TrustedBSD Project

show more ...


# acd3428b 06-Nov-2006 Robert Watson <rwatson@FreeBSD.org>

Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges. These may
require some future tweaking.

Sponsored by: nCircle

Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges. These may
require some future tweaking.

Sponsored by: nCircle Network Security, Inc.
Obtained from: TrustedBSD Project
Discussed on: arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
Alex Lyashkov <umka at sevcity dot net>,
Skip Ford <skip dot ford at verizon dot net>,
Antoine Brodin <antoine dot brodin at laposte dot net>

show more ...


Revision tags: release/5.5.0_cvs, release/5.5.0, release/6.1.0_cvs, release/6.1.0
# 89ddbd45 23-Apr-2006 David Malone <dwmalone@FreeBSD.org>

Add some new options to mac_bsdestended. We can now match on:

subject: ranges of uid, ranges of gid, jail id
objects: ranges of uid, ranges of gid, filesystem,
object is suid, object is sgid, ob

Add some new options to mac_bsdestended. We can now match on:

subject: ranges of uid, ranges of gid, jail id
objects: ranges of uid, ranges of gid, filesystem,
object is suid, object is sgid, object matches subject uid/gid
object type

We can also negate individual conditions. The ruleset language is
a superset of the previous language, so old rules should continue
to work.

These changes require a change to the API between libugidfw and the
mac_bsdextended module. Add a version number, so we can tell if
we're running mismatched versions.

Update man pages to reflect changes, add extra test cases to
test_ugidfw.c and add a shell script that checks that the the
module seems to do what we expect.

Suggestions from: rwatson, trhodes
Reviewed by: trhodes
MFC after: 2 months

show more ...


# 42ae38e9 04-Mar-2006 David Malone <dwmalone@FreeBSD.org>

Create a mac_bsdextended_check_vp function that takes a cred, a
vnode and a mode and checks if a given access mode is permitted.
This centralises the mac_bsdextended_enabled check and the GETATTR
cal

Create a mac_bsdextended_check_vp function that takes a cred, a
vnode and a mode and checks if a given access mode is permitted.
This centralises the mac_bsdextended_enabled check and the GETATTR
calls and makes the implementation of the mac policy methods simple.

This should make it easier for us to match vnodes on more complex
attributes than just uid and gid in the future, but for now there
should be no functional change.

Approved/Reviewed by: rwatson, trhodes
MFC after: 1 month

show more ...


# e1216740 15-Jan-2006 Christian S.J. Peron <csjp@FreeBSD.org>

Fix potential overrun of static stack allocated array which stores
the rules. If an array is N elements large, we can only access
elements 0..(N-1).

MFC after: 1 week
Found with: Coverity Prevent(tm)


Revision tags: release/6.0.0_cvs, release/6.0.0
# 096dd406 28-Jul-2005 Tom Rhodes <trhodes@FreeBSD.org>

If a "hole" opens up in the ruleset (i.e.: remove 5), do not return
unknown error. Instead, just return error.

Submitted by: avatar
Tested by: trhodes


Revision tags: release/5.4.0_cvs, release/5.4.0
# a203d978 22-Apr-2005 Tom Rhodes <trhodes@FreeBSD.org>

Add locking support to mac_bsdextended:

- Introduce a global mutex, mac_bsdextended_mtx, to protect the rule
array and hold this mutex over use and modification of the rule array
and rules.
-

Add locking support to mac_bsdextended:

- Introduce a global mutex, mac_bsdextended_mtx, to protect the rule
array and hold this mutex over use and modification of the rule array
and rules.
- Re-order and clean up sysctl_rule so that copyin/copyout/update happen
in the right order (suggested by: jhb done by rwatson).

show more ...


Revision tags: release/4.11.0_cvs, release/4.11.0, release/5.3.0_cvs, release/5.3.0
# 46e23372 22-Oct-2004 Robert Watson <rwatson@FreeBSD.org>

Minor white space synchronization and line wrapping.


# bda37097 21-Oct-2004 Robert Watson <rwatson@FreeBSD.org>

Bump copyright dates for NETA on these files.


# 2e74bca1 21-Oct-2004 Robert Watson <rwatson@FreeBSD.org>

Modify mac_bsdextended policy so that it defines its own vnode access
right bits rather than piggy-backing on the V* rights defined in
vnode.h. The mac_bsdextended bits are given the same values as

Modify mac_bsdextended policy so that it defines its own vnode access
right bits rather than piggy-backing on the V* rights defined in
vnode.h. The mac_bsdextended bits are given the same values as the V*
bits to make the new kernel module binary compatible with the old
version of libugidfw that uses V* bits. This avoids leaking kernel
API/ABI to user management tools, and in particular should remove the
need for libugidfw to include vnode.h.

Requested by: phk

show more ...


# 88af0398 10-Sep-2004 Tom Rhodes <trhodes@FreeBSD.org>

Remove the debugging tunable, it was not being used.
Enable first match by default.[1]

We should: rwatson [1]


# 60673f35 21-Aug-2004 Tom Rhodes <trhodes@FreeBSD.org>

Allow mac_bsdextended(4) to log failed attempts to syslog's AUTHPRIV
facility. This is disabled by default but may be turned on by using
the mac_bsdextended_logging sysctl.

Reviewed by: re (jhb)
Ap

Allow mac_bsdextended(4) to log failed attempts to syslog's AUTHPRIV
facility. This is disabled by default but may be turned on by using
the mac_bsdextended_logging sysctl.

Reviewed by: re (jhb)
Approved by: re (jhb)

show more ...


# fa31f180 21-Aug-2004 Tom Rhodes <trhodes@FreeBSD.org>

Give the mac_bsdextended(4) policy the ability to match and apply on a first
rule only in place of all rules match. This is similar to how ipfw(8) works.

Provide a sysctl, mac_bsdextended_firstmatc

Give the mac_bsdextended(4) policy the ability to match and apply on a first
rule only in place of all rules match. This is similar to how ipfw(8) works.

Provide a sysctl, mac_bsdextended_firstmatch_enabled, to enable this
feature.

Reviewed by: re (jhb)
Aprroved by: re (jhb)

show more ...


# 56c38cd9 23-Jul-2004 Robert Watson <rwatson@FreeBSD.org>

Allow an effective uid of root to bypass mac_bsdextended rules; the MAC
Framework can restrict the root user, but this policy is not intended
to support that.

Stylish Swiss footwear provided for: tr

Allow an effective uid of root to bypass mac_bsdextended rules; the MAC
Framework can restrict the root user, but this policy is not intended
to support that.

Stylish Swiss footwear provided for: trhodes

show more ...


123456