author green <green@FreeBSD.org> 2001-11-20 19:22:37 +0000
committer green <green@FreeBSD.org> 2001-11-20 19:22:37 +0000
commit 28e8bf402b3ed71e8caedde50f6efe6aa944b02c
tree 9b2b405909c2bda06da4f1d3d5ce86129059d2f3 /share
parent bf1be5210f96a7a27da01b2233b9bff2ba708030
Add an initial lomac(4) manpage.
Sponsored by: DARPA, NAI Labs (CBOSS project)
Diffstat (limited to 'share')
-rw-r--r-- share/man/man4/Makefile 1
-rw-r--r-- share/man/man4/lomac.4 133
2 files changed, 134 insertions, 0 deletions
diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile
index c07c8c6..b9536c0 100644
--- a/share/man/man4/Makefile
+++ b/share/man/man4/Makefile
@@ -72,6 +72,7 @@ MAN= aac.4 \
ktr.4 \
lge.4 \
lo.4 \
+ lomac.4 \
lp.4 \
lpbb.4 \
lpt.4 \
diff --git a/share/man/man4/lomac.4 b/share/man/man4/lomac.4
new file mode 100644
index 0000000..a4aea22
--- /dev/null
+++ b/share/man/man4/lomac.4
@@ -0,0 +1,133 @@
+.\" Copyright (c) 2001 Networks Associates Technologies, Inc.
+.\" All rights reserved.
+.\"
+.\" This software was developed for the FreeBSD Project by NAI Labs, the
+.\" Security Research Division of Network Associates, Inc. under
+.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
+.\" CHATS research program.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. The name of the author may not be used to endorse or promote
+.\" products derived from this software without specific prior written
+.\" permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.Dd November 20, 2001
+.Dt LOMAC 4
+.Os FreeBSD 5.0
+.Sh NAME
+.Nm LOMAC
+.Nd Low-Watermark Mandatory Access Control security facility
+.Sh USAGE
+.Dl # /sbin/kldload lomac
+.Sh DESCRIPTION
+The
+.Nm
+module provides a drop-in security mechanism in addition to the traditional
+POSIX uid-based security facilities, requiring no additional configuration
+from the administrator.
+.Nm
+aims to be two things: it is non-intrusive, so that the system with
+.Nm
+will not feel largely different from the system without it, and will not
+require much modification to intialize; it is also comprehensive enough
+that a majority of attacks to compromise a system should fail.
+.Pp
+To this end, each process on the system will have a label of several
+attributes, including a "high" or "low" security level, attached to it,
+and these labels of integrity will be managed with a system cognizant
+of IPC (signals, debugging, sockets, pipes), path-based filesystem
+labels, virtual memory objects, and privileged system calls.
+A process (or set of vmspace-sharing processes) will initially inherit
+the integrity level of its parent, which, at the point of
+.Nm
+being started with
+.Xr kldload 8 ,
+will be high.
+If it reads lower-integrity data from one of the controlled mechanisms,
+it will then decrease its integrity level, and access to modify
+higher-integrity data will be revoked.
+.Sh IMPLEMENTATION NOTES
+.Nm
+on
+.Fx ,
+as implemented currently, should properly respect all aspects of any
+.Xr chroot 8
+or
+.Xr jail 8
+operation performed after it has been initialized.
+Pre-existing jail or chroot environments may not necessarily work
+completely.
+.Nm 's
+filesystem should correctly respect the caching behavior of any of the
+system's filesystems, and so work for any "normal" or "synthetic"
+fileystems.
+After loaded, another root
+.Xr mount 8
+will exist on the system and appear as type "lomacfs".
+.Sh FILES
+See
+.Pa /sys/security/lomac/policy_plm.h
+for specific information on exactly how
+.Nm
+has been compiled to control access to the filesystem.
+.Sh COMPATIBILITY
+Some programs, for example
+.Xr syslogd 8 ,
+may need to be restarted after
+.Nm
+is initialized for them to continue proper operation.
+This version of
+.Nm
+has not had widespread testing, so some common programs have probably
+not been tested and could have issues that need to be worked around or
+fixed.
+.Sh SEE ALSO
+.Xr kldload 8
+.Sh HISTORY
+.Nm
+was initially implemented for Linux systems over the past several years.
+Since then, this implementation was created via funding from the
+United States DARPA.
+See the copyright for details.
+.Sh AUTHORS
+.Bl -item
+.Li An Brian Fundakowski Feldman Aq bfeldman@tislabs.com
+.Li An Timothy Fraser Aq tfraser@tislabs.com
+.El
+.Sh BUGS
+.Nm
+has not gone through widespread testing yet, so many problems may still exist.
+There is still yet one unfixed panic which is reproduceable under load
+(
+.Xr vrele 9
+begin called too many times).
+The operation of
+.Xr mount 2
+and
+.Xr unmount 2
+may not work properly or at all once
+.Nm
+has been loaded.
+After being loaded, the system must be restarted to revert to a state
+without
+.Nm .
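Review bot: The AUTHORS list is malformed: both entries inside `.Bl -item` begin with `.Li An ...`, but a `.Bl` list takes its entries as `.It` lines, so each author should be an `.It` followed by `.An Brian Fundakowski Feldman Aq bfeldman@tislabs.com` (and likewise for Timothy Fraser). Spelling needs a pass before this lands: "intialize" in DESCRIPTION, "fileystems" in IMPLEMENTATION NOTES, and "reproduceable" and "begin called" (for "being called") in BUGS. `.Sh USAGE` is not one of the standard mdoc section names; the `kldload lomac` line would normally sit under SYNOPSIS. SEE ALSO lists only kldload(8), although the text also cross-references chroot(8), jail(8), mount(8), syslogd(8), mount(2), unmount(2) and vrele(9). Since DESCRIPTION says a process is demoted when it reads lower-integrity data "from one of the controlled mechanisms" and FILES points to policy_plm.h only for the filesystem, please state here which objects start out low-integrity, so an administrator can predict when a process will lose write access to high-integrity data; this matters more given that BUGS says the module cannot be removed without a restart.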