summaryrefslogtreecommitdiffstats
path: root/sys/security/mac_bsdextended
Commit message (Expand)AuthorAgeFilesLines
* Add hierarchical jails. A jail may further virtualize its environmentjamie2009-05-271-2/+2
* Get rid of VSTAT and replace it with VSTAT_PERMS, which is somewhattrasz2009-03-291-2/+2
* Mark the bsdextended rules sysctl as being mpsafe.csjp2009-03-091-2/+2
* Remove 'uio' argument from MAC Framework and MAC policy entry points forrwatson2009-03-082-8/+4
* Rather than having MAC policies explicitly declare what object typesrwatson2009-01-101-1/+1
* MFp4:bz2008-11-291-0/+1
* The V* flags passed using an accmode_t to the access() and open()rwatson2008-10-303-12/+26
* Introduce accmode_t. This is required for NFSv4 ACLs - it will be neccessarytrasz2008-10-282-6/+14
* When the mac_bsdextended policy is unloaded, free rule memory.rwatson2008-10-271-0/+5
* Add TrustedBSD credit to new ugidfw_internal.h file.rwatson2008-10-271-0/+2
* Break mac_bsdextended.c out into multiple .c files, with the base accessrwatson2008-10-274-1451/+149
* Copy mac_bsdextended.c to two object-specific files as a prototype for howrwatson2008-10-272-0/+1536
* Fix a number of style issues in the MALLOC / FREE commit. I've tried todes2008-10-231-1/+2
* Retire the MALLOC and FREE macros. They are an abomination unto style(9).des2008-10-231-3/+2
* Remove the suser(9) interface from the kernel. It has been replaced fromattilio2008-09-171-8/+24
* Remove VSVTX, VSGID and VSUID. This should be a no-op,trasz2008-09-101-2/+3
* Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed threadattilio2008-08-281-1/+1
* Introduce two related changes to the TrustedBSD MAC Framework:rwatson2008-08-231-1/+1
* In mac_bsdextended's auditctl and acct policy access control checks,rwatson2008-07-311-11/+8
* Resort TrustedBSD MAC Framework policy entry point implementations andrwatson2007-10-291-0/+4
* Consistently name functions for mac_<policy> as <policy>_whatever ratherrwatson2007-10-251-133/+131
* Merge first in a series of TrustedBSD MAC Framework KPI changesrwatson2007-10-241-58/+62
* Rename mac_check_vnode_delete() MAC Framework and MAC Policy entryrwatson2007-09-101-14/+14
* In preparation for 7.0 privilege cleanup, clean up style:rwatson2007-07-052-87/+32
* Include priv.h to pick up suser(9) definitions, missed in an earlierrwatson2007-06-131-0/+1
* Apply variable name normalization to MAC policies: adopt global conventionsrwatson2007-04-231-32/+35
* Allow MAC policy modules to control access to audit configuration systemrwatson2007-04-211-0/+27
* More unnecessary include reduction.rwatson2007-02-231-17/+2
* Move mapping of MBI_APPEND to MBI_WRITE from inside the rule loop inrwatson2007-02-201-9/+8
* Continue 7-CURRENT MAC Framework rearrangement and cleanup:rwatson2007-02-061-1/+0
* Move src/sys/sys/mac_policy.h, the kernel interface between the MACrwatson2006-12-221-2/+1
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningrwatson2006-11-061-0/+3
* Add some new options to mac_bsdestended. We can now match on:dwmalone2006-04-232-35/+210
* Create a mac_bsdextended_check_vp function that takes a cred, adwmalone2006-03-041-280/+43
* Fix potential overrun of static stack allocated array which storescsjp2006-01-151-1/+1
* If a "hole" opens up in the ruleset (i.e.: remove 5), do not returntrhodes2005-07-281-5/+2
* Add locking support to mac_bsdextended:trhodes2005-04-221-37/+67
* Minor white space synchronization and line wrapping.rwatson2004-10-221-0/+1
* Bump copyright dates for NETA on these files.rwatson2004-10-212-2/+2
* Modify mac_bsdextended policy so that it defines its own vnode accessrwatson2004-10-212-33/+74
* Remove the debugging tunable, it was not being used.trhodes2004-09-101-10/+1
* Allow mac_bsdextended(4) to log failed attempts to syslog's AUTHPRIVtrhodes2004-08-211-5/+19
* Give the mac_bsdextended(4) policy the ability to match and apply on a firsttrhodes2004-08-211-2/+21
* Allow an effective uid of root to bypass mac_bsdextended rules; the MACrwatson2004-07-231-0/+3
* Update my personal copyrights and NETA copyrights in the kernelrwatson2004-02-222-4/+4
* Implementations of mpo_check_vnode_deleteextattr() andrwatson2003-08-211-1/+35
* Remove trailing whitespace.rwatson2003-07-051-3/+3
* Trim "trustedbsd_" from the front of the policy module "short names";rwatson2003-03-271-1/+1
* Expand scope of the BSD extended "file system firewall" policy torwatson2003-03-251-0/+17
* Back out M_* changes, per decision of the TRB.imp2003-02-191-1/+1
OpenPOWER on IntegriCloud