Update Capsicum and Mandatory Access Control manual pages

to no longer claim they are experimental.

Reviewed by:	rwatson@, wblock@
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D2985

11 files changed, 11 insertions, 98 deletions

diff --git a/share/man/man4/capsicum.4 b/share/man/man4/capsicum.4
index 9290cbc..1d208b0 100644
--- a/share/man/man4/capsicum.4
+++ b/share/man/man4/capsicum.4
@@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 19, 2013
+.Dd July 25, 2015
 .Dt CAPSICUM 4
 .Os
 .Sh NAME
@@ -125,7 +125,3 @@ and
 .An Kris Kennaway Aq Mt kris@FreeBSD.org
 at Google, Inc., and
 .An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net .
-.Sh BUGS
-.Nm
-is considered experimental in
-.Fx .
diff --git a/share/man/man4/mac.4 b/share/man/man4/mac.4
index b1ff1d9..0c14313 100644
--- a/share/man/man4/mac.4
+++ b/share/man/man4/mac.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 30, 2007
+.Dd July 25, 2015
 .Dt MAC 4
 .Os
 .Sh NAME
@@ -239,14 +239,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_ifoff.4 b/share/man/man4/mac_ifoff.4
index 87c73b2..3800eea 100644
--- a/share/man/man4/mac_ifoff.4
+++ b/share/man/man4/mac_ifoff.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 10, 2002
+.Dd July 25, 2015
 .Dt MAC_IFOFF 4
 .Os
 .Sh NAME
@@ -118,14 +118,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_mls.4 b/share/man/man4/mac_mls.4
index b314fb5..9f98c46 100644
--- a/share/man/man4/mac_mls.4
+++ b/share/man/man4/mac_mls.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 1, 2002
+.Dd July 25, 2015
 .Dt MAC_MLS 4
 .Os
 .Sh NAME
@@ -236,14 +236,6 @@ Inc.\& under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_none.4 b/share/man/man4/mac_none.4
index ed13ca6..ea5b75b 100644
--- a/share/man/man4/mac_none.4
+++ b/share/man/man4/mac_none.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 1, 2002
+.Dd July 25, 2015
 .Dt MAC_NONE 4
 .Os
 .Sh NAME
@@ -98,14 +98,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_partition.4 b/share/man/man4/mac_partition.4
index 296635e..e19b1bc 100644
--- a/share/man/man4/mac_partition.4
+++ b/share/man/man4/mac_partition.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 9, 2002
+.Dd July 25, 2015
 .Dt MAC_PARTITION 4
 .Os
 .Sh NAME
@@ -118,14 +118,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_seeotheruids.4 b/share/man/man4/mac_seeotheruids.4
index c870ca0..7cc3e88 100644
--- a/share/man/man4/mac_seeotheruids.4
+++ b/share/man/man4/mac_seeotheruids.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 6, 2005
+.Dd July 25, 2015
 .Dt MAC_SEEOTHERUIDS 4
 .Os
 .Sh NAME
@@ -116,14 +116,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_stub.4 b/share/man/man4/mac_stub.4
index 89491f1..7789687 100644
--- a/share/man/man4/mac_stub.4
+++ b/share/man/man4/mac_stub.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 1, 2002
+.Dd July 25, 2015
 .Dt MAC_STUB 4
 .Os
 .Sh NAME
@@ -101,14 +101,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/mac_test.4 b/share/man/man4/mac_test.4
index e86d4bd..6f14792 100644
--- a/share/man/man4/mac_test.4
+++ b/share/man/man4/mac_test.4
@@ -30,7 +30,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 1, 2002
+.Dd July 25, 2015
 .Dt MAC_TEST 4
 .Os
 .Sh NAME
@@ -102,14 +102,6 @@ under DARPA/SPAWAR contract N66001-01-C-8035
 .Pq Dq CBOSS ,
 as part of the DARPA CHATS research program.
 .Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.
diff --git a/share/man/man4/procdesc.4 b/share/man/man4/procdesc.4
index ec8c827..ce32a24 100644
--- a/share/man/man4/procdesc.4
+++ b/share/man/man4/procdesc.4
@@ -29,7 +29,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd August 21, 2013
+.Dd July 25, 2015
 .Dt PROCDESC 4
 .Os
 .Sh NAME
@@ -85,7 +85,3 @@ at the University of Cambridge, and
 and
 .An Kris Kennaway Aq Mt kris@FreeBSD.org
 at Google, Inc.
-.Sh BUGS
-.Nm
-is considered experimental in
-.Fx .
diff --git a/share/man/man9/mac.9 b/share/man/man9/mac.9
index cc05c5a..d1e86ad 100644
--- a/share/man/man9/mac.9
+++ b/share/man/man9/mac.9
@@ -33,7 +33,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 10, 2006
+.Dd July 25, 2015
 .Dt MAC 9
 .Os
 .Sh NAME
@@ -62,14 +62,6 @@ opportunity to modify security behavior at those MAC API entry points.
 Both consumers of the API (normal kernel services) and security modules
 must be aware of the semantics of the API calls, particularly with respect
 to synchronization primitives (such as locking).
-.Ss Note on Appropriateness for Production Use
-The
-.Tn TrustedBSD
-MAC Framework included in
-.Fx 5.0
-is considered experimental, and should not be deployed in production
-environments without careful consideration of the risks associated with
-the use of experimental operating system features.
 .Ss Kernel Objects Supported by the Framework
 The MAC framework manages labels on a variety of types of in-kernel
 objects, including process credentials, vnodes, devfs_dirents, mount
@@ -232,13 +224,6 @@ Additional contributors include:
 and
 .An Tim Robbins .
 .Sh BUGS
-See the earlier section in this document concerning appropriateness
-for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
 While the MAC Framework design is intended to support the containment of
 the root user, not all attack channels are currently protected by entry
 point checks.