By default, label all network interfaces as biba/equal on attach. This

makes it easier for first-time users to configure and work with biba as remote acess is still allowed. Effectively, this means that, by default, only local security properties, not distributed ones, are enforced. Obtained from: TrustedBSD Project
author: rwatson <rwatson@FreeBSD.org> 2009-06-03 08:49:44 +0000
committer: rwatson <rwatson@FreeBSD.org> 2009-06-03 08:49:44 +0000
commit: 086e835650e2a78d23a19d81202781f4d745764e (patch)
tree: 0c068b1bd3da76b821714e718ce5743d03c5a129
parent: b51e9aaf240c98d36726ac5aab7b0edf17ffcec7 (diff)
download: FreeBSD-src-086e835650e2a78d23a19d81202781f4d745764e.zip
FreeBSD-src-086e835650e2a78d23a19d81202781f4d745764e.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c
index 97c3cbe..212c499 100644
--- a/sys/security/mac_biba/mac_biba.c
+++ b/sys/security/mac_biba/mac_biba.c
@@ -125,7 +125,7 @@ SYSCTL_INT(_security_mac_biba, OID_AUTO, ptys_equal, CTLFLAG_RW, &ptys_equal,
     0, "Label pty devices as biba/equal on create");
 TUNABLE_INT("security.mac.biba.ptys_equal", &ptys_equal);
 
-static int	interfaces_equal;
+static int	interfaces_equal = 1;
 SYSCTL_INT(_security_mac_biba, OID_AUTO, interfaces_equal, CTLFLAG_RW,
     &interfaces_equal, 0, "Label network interfaces as biba/equal on create");
 TUNABLE_INT("security.mac.biba.interfaces_equal", &interfaces_equal);
author	rwatson <rwatson@FreeBSD.org>	2009-06-03 08:49:44 +0000
committer	rwatson <rwatson@FreeBSD.org>	2009-06-03 08:49:44 +0000
commit	086e835650e2a78d23a19d81202781f4d745764e (patch)
tree	0c068b1bd3da76b821714e718ce5743d03c5a129
parent	b51e9aaf240c98d36726ac5aab7b0edf17ffcec7 (diff)
download	FreeBSD-src-086e835650e2a78d23a19d81202781f4d745764e.zip FreeBSD-src-086e835650e2a78d23a19d81202781f4d745764e.tar.gz