diff options
author | hselasky <hselasky@FreeBSD.org> | 2014-06-28 03:56:17 +0000 |
---|---|---|
committer | hselasky <hselasky@FreeBSD.org> | 2014-06-28 03:56:17 +0000 |
commit | 35b126e324b8032aebea9ab6b4daf7c0bf8daed0 (patch) | |
tree | 2ebc46d89e79d747fa284f379b1979658216c719 /sys/security/mac_portacl | |
parent | 02776baefafae26b2e8b15569fe1868071fb550a (diff) | |
download | FreeBSD-src-35b126e324b8032aebea9ab6b4daf7c0bf8daed0.zip FreeBSD-src-35b126e324b8032aebea9ab6b4daf7c0bf8daed0.tar.gz |
Pull in r267961 and r267973 again. Fix for issues reported will follow.
Diffstat (limited to 'sys/security/mac_portacl')
-rw-r--r-- | sys/security/mac_portacl/mac_portacl.c | 14 |
1 files changed, 4 insertions, 10 deletions
diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index 1dbd199..17427ee 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -87,27 +87,21 @@ static SYSCTL_NODE(_security_mac, OID_AUTO, portacl, CTLFLAG_RW, 0, "TrustedBSD mac_portacl policy controls"); static int portacl_enabled = 1; -SYSCTL_INT(_security_mac_portacl, OID_AUTO, enabled, CTLFLAG_RW, +SYSCTL_INT(_security_mac_portacl, OID_AUTO, enabled, CTLFLAG_RWTUN, &portacl_enabled, 0, "Enforce portacl policy"); -TUNABLE_INT("security.mac.portacl.enabled", &portacl_enabled); static int portacl_suser_exempt = 1; -SYSCTL_INT(_security_mac_portacl, OID_AUTO, suser_exempt, CTLFLAG_RW, +SYSCTL_INT(_security_mac_portacl, OID_AUTO, suser_exempt, CTLFLAG_RWTUN, &portacl_suser_exempt, 0, "Privilege permits binding of any port"); -TUNABLE_INT("security.mac.portacl.suser_exempt", - &portacl_suser_exempt); static int portacl_autoport_exempt = 1; -SYSCTL_INT(_security_mac_portacl, OID_AUTO, autoport_exempt, CTLFLAG_RW, +SYSCTL_INT(_security_mac_portacl, OID_AUTO, autoport_exempt, CTLFLAG_RWTUN, &portacl_autoport_exempt, 0, "Allow automatic allocation through " "binding port 0 if not IP_PORTRANGELOW"); -TUNABLE_INT("security.mac.portacl.autoport_exempt", - &portacl_autoport_exempt); static int portacl_port_high = 1023; -SYSCTL_INT(_security_mac_portacl, OID_AUTO, port_high, CTLFLAG_RW, +SYSCTL_INT(_security_mac_portacl, OID_AUTO, port_high, CTLFLAG_RWTUN, &portacl_port_high, 0, "Highest port to enforce for"); -TUNABLE_INT("security.mac.portacl.port_high", &portacl_port_high); static MALLOC_DEFINE(M_PORTACL, "portacl_rule", "Rules for mac_portacl"); |