security\-module (full) in projects: freebsd

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched +full:security +full:- +full:module (Results 1 – 25 of 767) sorted by relevance

12 3 4 5 6 7 8 9 10 >>...31

/freebsd/share/man/man9/
H A D	mac.9	1 .\"- 2 .\" Copyright (c) 1999-2002 Robert N. M. Watson 3 .\" Copyright (c) 2002-2004 Networks Associates Technology, Inc. 9 .\" Associates Laboratories, the Security Research Division of Network 10 .\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 52 introduced system security modules to modify system security functionality. 53 This can be used to support a variety of new security services, including 58 The framework then calls out to security modules to offer them the 59 opportunity to modify security behavior at those MAC API entry points. 60 Both consumers of the API (normal kernel services) and security modules [all …]
/freebsd/share/man/man4/
H A D	mac_bsdextended.4	`6 .\" Security Research Division of Network Associates, Inc. under 7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 40 .Bd -ragged -offset indent 45 Alternately, to load the file system firewall policy module at boot time, 47 .Bd -ragged -offset indent 53 .Bd -literal -offset indent 59 security policy module provides an interface for the system administrator 61 Rules are uploaded to the module 93 .Bl -tag -width indent 94 .It Va security.mac.bsdextended.enabled [all …]`
H A D	mac_seeotheruids.4	6 .\" Security Research Division of Network Associates, Inc. under 7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 41 .Bd -ragged -offset indent 46 Alternately, to load the module at boot time, place the following line 48 .Bd -ragged -offset indent 54 .Bd -literal -offset indent 60 policy module, when enabled, denies users to see processes or sockets owned 66 .Va security.mac.seeotheruids.enabled 70 .Va security.mac.seeotheruids.suser_privileged 75 .Va security.mac.seeotheruids.primarygroup_enabled [all …]
H A D	mac_ifoff.4	6 .\" Security Research Division of Network Associates, Inc. under 7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 41 .Bd -ragged -offset indent 46 Alternately, to load the interface silencing policy module at boot time, 48 .Bd -ragged -offset indent 54 .Bd -literal -offset indent 60 interface silencing module allows administrators to enable and disable 71 .Va security.mac.ifoff.lo_enabled 78 .Va security.mac.ifoff.other_enabled 86 .Va security.mac.ifoff.bpfrecv_enabled [all …]
H A D	mac_mls.4	1 .\" Copyright (c) 2002-2004 Networks Associates Technology, Inc. 6 .\" Security Research Division of Network Associates, Inc. under 7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 36 .Nd "Multi-Level Security confidentiality policy" 40 .Bd -ragged -offset indent 45 Alternately, to load the MLS module at boot time, place the following line 47 .Bd -ragged -offset indent 53 .Bd -literal -offset indent 59 policy module implements the Multi-Level Security, or MLS model, 93 .Bl -column -offset indent ".Li mls/equal" "dominated by all other labels" [all …]
H A D	mac_lomac.4	6 .\" Security Research Division of Network Associates, Inc. under 7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 36 .Nd "Low-watermark Mandatory Access Control data integrity policy" 40 .Bd -ragged -offset indent 45 Alternately, to load the LOMAC module at boot time, place the following line 47 .Bd -ragged -offset indent 53 .Bd -literal -offset indent 59 policy module implements the LOMAC integrity model, 74 .Bl -column -offset indent ".Sy Label" "dominated by all other labels" 91 .Dq Li lomac/equal(equal-equal) [all …]
H A D	mac_biba.4	1 .\" Copyright (c) 2002-2004 Networks Associates Technology, Inc. 6 .\" Security Research Division of Network Associates, Inc. under 7 .\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 40 .Bd -ragged -offset indent 45 Alternately, to load the Biba module at boot time, place the following line 47 .Bd -ragged -offset indent 53 .Bd -literal -offset indent 59 policy module implements the Biba integrity model, 63 up of hierarchal grades, and non-hierarchal components. 69 The non-hierarchal compartment field is expressed as a set of up to 256 [all …]
H A D	mac_ipacl.4	`36 .Bd -ragged -offset indent 41 To load the mac_ipacl policy module at boot time, add the 43 .Bd -ragged -offset indent 68 .Va security.mac.ipacl.rules 75 .Bl -tag -width indent 76 .It Va security.mac.ipacl.ipv4 81 .It Va security.mac.ipacl.ipv6 86 .It Va security.mac.ipacl.rules 92 .Bl -tag -width "interface" 111 -1 implies the policy is enforced for the individual IP address. [all …]`
/freebsd/crypto/openssl/
H A D	README-FIPS.md	4 This release of OpenSSL includes a cryptographic module that can be 5 FIPS validated. The module is implemented as an OpenSSL provider. 6 A provider is essentially a dynamically loadable module which implements 7 cryptographic algorithms, see the [README-PROVIDERS](README-PROVIDERS.md) file 10 A cryptographic module is only FIPS validated after it has gone through the complex 13 If you need a FIPS validated module then you must ONLY generate a FIPS provider 15 contains a link to a Security Policy, and you MUST follow the instructions 16 in the Security Policy in order to be FIPS compliant. 18 FIPS certificates and Security Policies. 20 Newer OpenSSL Releases that include security or bug fixes can be used to build [all …]
/freebsd/secure/lib/libcrypto/man/man5/
H A D	fips_config.5	1 .\" -- mode: troff; coding: utf-8 -- 58 .TH FIPS_CONFIG 5ossl 2025-09-30 3.5.4 OpenSSL 64 fips_config \- OpenSSL FIPS configuration 68 is used to hold information about the FIPS module. This includes a digest 69 of the shared library file, and status about the self-testing. 70 This data is used automatically by the module itself for two 72 .IP "\- Run the startup FIPS self-test known answer tests (KATS)." 4 73 .IX Item "- Run the startup FIPS self-test known answer tests (KATS)." 75 run each time the module is used. 76 .IP "\- Verify the module's checksum." 4 [all …]
/freebsd/secure/usr.bin/openssl/man/
H A D	openssl-fipsinstall.1	`1 .\" -- mode: troff; coding: utf-8 -- 57 .IX Title "OPENSSL-FIPSINSTALL 1ossl" 58 .TH OPENSSL-FIPSINSTALL 1ossl 2025-09-30 3.5.4 OpenSSL 64 openssl\-fipsinstall \- perform FIPS configuration installation 68 [\fB\-help\fR] 69 [\fB\-in\fR \fIconfigfilename\fR] 70 [\fB\-out\fR \fIconfigfilename\fR] 71 [\fB\-module\fR \fImodulefilename\fR] 72 [\fB\-provider_name\fR \fIprovidername\fR] 73 [\fB\-section_name\fR \fIsectionname\fR] [all …]`
/freebsd/tests/sys/mac/ipacl/
H A D	ipacl_test.sh	`1 #- 43 prev_ipacl_ipv4="$(sysctl -n security.mac.ipacl.ipv4)" 44 prev_ipacl_rules="$(sysctl -n security.mac.ipacl.rules)" 53 jidA=$(jls -j A -s jid \| grep -o -E '[0-9]+') 54 jidB=$(jls -j B -s jid \| grep -o -E '[0-9]+') 56 # The ipacl policy module is not enforced for IPv4. 57 sysctl security.mac.ipacl.ipv4=0 59 atf_check -s exit:0 -e ignore \ 61 atf_check -s exit:0 -e ignore \ 64 # The ipacl policy module is enforced for IPv4 and prevent all [all …]`
/freebsd/contrib/pam-krb5/docs/
H A D	docknot.yaml	`1 # Package metadata for pam-krb5. 10 # Copyright 2017, 2020-2021 Russ Allbery <eagle@eyrie.org> 12 # SPDX-License-Identifier: BSD-3-clause or GPL-1+ 16 name: pam-krb5 19 synopsis: PAM module for Kerberos authentication 22 name: BSD-3-clause-or-GPL-1+ 24 - holder: Russ Allbery <eagle@eyrie.org> 25 years: 2005-2010, 2014-2015, 2017, 2020-2021 26 - holder: The Board of Trustees of the Leland Stanford Junior University 27 years: 2009-2011 [all …]`
/freebsd/crypto/openssl/doc/man5/
H A D	fips_config.pod	5 fips_config - OpenSSL FIPS configuration 10 is used to hold information about the FIPS module. This includes a digest 11 of the shared library file, and status about the self-testing. 12 This data is used automatically by the module itself for two 17 =item - Run the startup FIPS self-test known answer tests (KATS). 20 run each time the module is used. 22 =item - Verify the module's checksum. 24 This is done each time the module is used. 28 This file is generated by the L<openssl-fipsinstall(1)> program, and 29 used internally by the FIPS module during its initialization. [all …]
/freebsd/crypto/openssl/doc/designs/
H A D	fips_indicator.md	8 ---------- 10 - [1] FIPS 140-3 Standards: <https://csrc.nist.gov/projects/cryptographic-module-validation-program… 11 - [2] Approved Security Functions: <https://csrc.nist.gov/projects/cryptographic-module-validation-… 12 - [3] Approved SSP generation and Establishment methods: <https://csrc.nist.gov/projects/cryptograp… 13 - [4] Key transitions: <https://csrc.nist.gov/pubs/sp/800/131/a/r2/final> 14 - [5] FIPS 140-3 Implementation Guidance: <https://csrc.nist.gov/csrc/media/Projects/cryptographic-… 17 ------------ 19 The following information was extracted from the FIPS 140-3 IG [5] “2.4.C Approved Security Service… 21 - A module must have an approved mode of operation that requires at least one service to use an app… 22 - A FIPS 140-3 compliant module requires a built-in service indicator capable of indicating the use… [all …]
/freebsd/sys/contrib/device-tree/Bindings/arm/
H A D	atmel,sama5d2-secumod.yaml	`1 # SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) 3 --- 4 $id: http://devicetree.org/schemas/arm/atmel,sama5d2-secumod.yaml# 5 $schema: http://devicetree.org/meta-schemas/core.yaml# 7 title: Microchip AT91 Security Module (SECUMOD) 10 - Nicolas Ferre <nicolas.ferre@microchip.com> 13 The Security Module also offers the PIOBU pins which can be used as GPIO pins. 14 Note that they maintain their voltage during Backup/Self-refresh. 19 - items: 20 - const: atmel,sama5d2-secumod [all …]`
/freebsd/crypto/openssl/doc/man1/
H A D	openssl-fipsinstall.pod.in	`2 {- OpenSSL::safe::output_do_not_edit_headers(); -} 6 openssl-fipsinstall - perform FIPS configuration installation 11 [B<-help>] 12 [B<-in> I<configfilename>] 13 [B<-out> I<configfilename>] 14 [B<-module> I<modulefilename>] 15 [B<-provider_name> I<providername>] 16 [B<-section_name> I<sectionname>] 17 [B<-verify>] 18 [B<-mac_name> I<macname>] [all …]`
/freebsd/contrib/pam-krb5/
H A D	README	1 pam-krb5 4.11 2 (PAM module for Kerberos authentication) 5 Copyright 2005-2010, 2014-2015, 2017, 2020-2021 Russ Allbery 6 <eagle@eyrie.org>. Copyright 2009-2011 The Board of Trustees of the 8 <dilinger@debian.org>. Copyright 1999-2000 Frank Cusack 9 <fcusack@fcusack.com>. This software is distributed under a BSD-style 14 pam-krb5 is a Kerberos PAM module for either MIT Kerberos or Heimdal. 16 authorization handling, authentication of non-local accounts for network 26 pam-krb5 provides a Kerberos PAM module that supports authentication, 31 and it tries to work around PAM implementation flaws in commonly-used [all …]
H A D	README.md	1 # pam-krb5 4 status](https://github.com/rra/pam-krb5/workflows/build/badge.svg)](https://github.com/rra/pam-krb5… 6 package](https://img.shields.io/debian/v/libpam-krb5/unstable)](https://tracker.debian.org/pkg/libp… 8 Copyright 2005-2010, 2014-2015, 2017, 2020-2021 Russ Allbery 9 <eagle@eyrie.org>. Copyright 2009-2011 The Board of Trustees of the 11 <dilinger@debian.org>. Copyright 1999-2000 Frank Cusack 12 <fcusack@fcusack.com>. This software is distributed under a BSD-style 18 pam-krb5 is a Kerberos PAM module for either MIT Kerberos or Heimdal. It 20 handling, authentication of non-local accounts for network services, 30 pam-krb5 provides a Kerberos PAM module that supports authentication, user [all …]
/freebsd/contrib/bsnmp/snmp_usm/
H A D	snmp_usm.3	1 .\"- 35 .Nd "user-based security module for" 42 module implements SNMPv3 User-Based Security Model MIB as defined in RFC 3414. 43 The module is used to manage the internal list of SNMPv3 USM active users in 45 The module must be loaded for 50 .Bl -tag -width "XXXXXXXXX" 52 The subtree contains statistics for the User-based Security Model PDU processing. 53 The statistics are reset each time the module is loaded. 61 .Bl -tag -width ".It Va usmUserEngineID" 63 An SNMP engine's administratively-unique identifier. Must be set to the same [all …]
/freebsd/sys/contrib/openzfs/config/
H A D	user-pam.m4	3 AS_HELP_STRING([--enable-pam], 4 [install pam_zfs_key module [[default: check]]]), 9 AS_HELP_STRING([--with-pammoduledir=DIR], 10 [install pam module in dir [[$libdir/security]]]), 11 [pammoduledir="$withval"],[pammoduledir=$libdir/security]) 14 AS_HELP_STRING([--with-pamconfigsdir=DIR], 15 [install pam-config files in dir [DATADIR/pam-configs]]), 17 [pamconfigsdir='${datadir}/pam-configs']) 20 AC_CHECK_HEADERS([security/pam_modules.h], [ 25 *** security/pam_modules.h missing, libpam0g-dev package required [all …]
/freebsd/crypto/heimdal/doc/
H A D	apps.texi	18 loaded at run-time. Modules for some of these systems can be found in 31 How to install the SIA module depends on which OS version you're 36 siacfg -a KRB5 /usr/athena/lib/libsia_krb5.so 57 Apply @file{security.patch} to @file{/sbin/init.d/security}. 59 Turn on KRB5 security by issuing @kbd{rcmgr set SECURITY KRB5} and 64 @kbd{/sbin/init.d/security start} (and restart any applications that use 76 KRB5CCNAME=FILE:/tmp/krb5cc`id -u`_`ps -o ppid= -p $$`; export KRB5CCNAME 86 @subsubheading Notes to users with Enhanced security 88 Digital's @samp{ENHANCED} (C2) security, and Kerberos solve two 89 different problems. C2 deals with local security, adds better control of [all …]
/freebsd/contrib/openpam/lib/libpam/
H A D	openpam_constants.c	`1 /- 2 Copyright (c) 2001-2003 Networks Associates Technology, Inc. 3 * Copyright (c) 2004-2025 Dag-Erling Smørgrav 7 * Network Associates Laboratories, the Security Research Division of 8 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 40 #include <security/pam_appl.h> 83 [PAM_OPEN_ERR] = "Failed to load module", 85 [PAM_SERVICE_ERR] = "Error in service module", 106 [PAM_NO_MODULE_DATA] = "Module data not found", 107 [PAM_IGNORE] = "Ignore this module", [all …]`
/freebsd/contrib/bsnmp/snmp_target/
H A D	snmp_target.3	1 .\"- 35 .Nd "Target addresses and notifications module for" 42 module implements SNMPv3 Management Target MIB and basic functionality from 43 Notification MIB as defined in RFC 3413. The module is used to manage the 47 The module must be loaded for 49 to send SNMPv3 Trap-PDUs to the configured notification target addresses. 51 A short description of the objects implemented in the module follows. 52 .Bl -tag -width "XXXXXXXXX" 60 .Bl -tag -width ".It Va snmpTargetAddrName" 68 in future via the object definitions in TRANSPORT-ADDRESS-MIB (RFC 3419). [all …]
/freebsd/sys/dev/ice/
H A D	ice_nvm.c	1 /* SPDX-License-Identifier: BSD-3-Clause / 39 @module_typeid: module pointer location in words from the NVM beginning 40 * @offset: byte offset from the module beginning 67 cmd->cmd_flags \|= ICE_AQC_NVM_FLASH_ONLY; in ice_aq_read_nvm() 71 cmd->cmd_flags \|= ICE_AQC_NVM_LAST_CMD; in ice_aq_read_nvm() 72 cmd->module_typeid = CPU_TO_LE16(module_typeid); in ice_aq_read_nvm() 73 cmd->offset_lo in ice_aq_read_nvm() 463 ice_get_flash_bank_offset(struct ice_hw * hw,enum ice_bank_select bank,u16 module) ice_get_flash_bank_offset() argument 537 ice_read_flash_module(struct ice_hw * hw,enum ice_bank_select bank,u16 module,u32 offset,u8 * data,u32 length) ice_read_flash_module() argument 1982 u32 module, flags, offset; ice_validate_nvm_rw_reg() local 2113 u32 module, flags, adapter_info; ice_handle_nvm_access() local [all...]

12 3 4 5 6 7 8 9 10 >>...31