diff options
| author | rwatson <rwatson@FreeBSD.org> | 2002-11-04 17:50:52 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2002-11-04 17:50:52 +0000 |
| commit | ca2d41f7140e63066edf0ddbacd4e4fc58de1b8b (patch) | |
| tree | 546f15b1f1386306fce8879a630e7b18f54d053a /sys/security | |
| parent | 53e18ddfc4ab9138339367a45a89ae1a9d9a5a0c (diff) | |
| download | FreeBSD-src-ca2d41f7140e63066edf0ddbacd4e4fc58de1b8b.zip FreeBSD-src-ca2d41f7140e63066edf0ddbacd4e4fc58de1b8b.tar.gz | |
Implement mpo_check_system_acct and mpo_check_system_settime() for Biba:
require Biba privilege to configure either, and require that accounting
files be high integrity. Note that this does allow implicit information
flow from low to high integrity, but it also protects the integrity
of accounting data.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/security')
| -rw-r--r-- | sys/security/mac_biba/mac_biba.c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/sys/security/mac_biba/mac_biba.c b/sys/security/mac_biba/mac_biba.c index 95ef88f..e66ba7b 100644 --- a/sys/security/mac_biba/mac_biba.c +++ b/sys/security/mac_biba/mac_biba.c @@ -1867,6 +1867,50 @@ mac_biba_check_socket_visible(struct ucred *cred, struct socket *socket, } static int +mac_biba_check_system_acct(struct ucred *cred, struct vnode *vp, + struct label *label) +{ + struct mac_biba *subj, *obj; + int error; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + + error = mac_biba_subject_privileged(subj); + if (error) + return (error); + + if (label == NULL) + return (0); + + obj = SLOT(label); + if (!mac_biba_high_single(obj)) + return (EACCES); + + return (0); +} + +static int +mac_biba_check_system_settime(struct ucred *cred) +{ + struct mac_biba *subj; + int error; + + if (!mac_biba_enabled) + return (0); + + subj = SLOT(&cred->cr_label); + + error = mac_biba_subject_privileged(subj); + if (error) + return (error); + + return (0); +} + +static int mac_biba_check_system_swapon(struct ucred *cred, struct vnode *vp, struct label *label) { @@ -2606,6 +2650,8 @@ static struct mac_policy_ops mac_biba_ops = .mpo_check_socket_deliver = mac_biba_check_socket_deliver, .mpo_check_socket_relabel = mac_biba_check_socket_relabel, .mpo_check_socket_visible = mac_biba_check_socket_visible, + .mpo_check_system_acct = mac_biba_check_system_acct, + .mpo_check_system_settime = mac_biba_check_system_settime, .mpo_check_system_swapon = mac_biba_check_system_swapon, .mpo_check_system_sysctl = mac_biba_check_system_sysctl, .mpo_check_vnode_access = mac_biba_check_vnode_open, |
