summaryrefslogtreecommitdiffstats
path: root/sys/security
Commit message (Expand)AuthorAgeFilesLines
* Add TrustedBSD credit to new ugidfw_internal.h file.rwatson2008-10-271-0/+2
* Break mac_bsdextended.c out into multiple .c files, with the base accessrwatson2008-10-274-1451/+149
* Copy mac_bsdextended.c to two object-specific files as a prototype for howrwatson2008-10-272-0/+1536
* Implement MAC policy support for IPv6 fragment reassembly queues,rwatson2008-10-265-5/+275
* Add a MAC label, MAC Framework, and MAC policy entry points for IPv6rwatson2008-10-263-3/+129
* Fix a number of style issues in the MALLOC / FREE commit. I've tried todes2008-10-231-1/+2
* Retire the MALLOC and FREE macros. They are an abomination unto style(9).des2008-10-232-4/+3
* Add a mac_inpcb_check_visible implementation to all MAC policiesbz2008-10-177-0/+111
* Add mac_inpcb_check_visible MAC Framework entry point, which is similarbz2008-10-173-0/+16
* Use the label from the socket credential rather than thebz2008-10-171-1/+2
* Remove unit2minor() use from kernel code.ed2008-09-261-1/+1
* Remove the suser(9) interface from the kernel. It has been replaced fromattilio2008-09-171-8/+24
* Remove VSVTX, VSGID and VSUID. This should be a no-op,trasz2008-09-101-2/+3
* Unbreak the build.des2008-09-041-2/+2
* If the process id specified is invalid, the system call returns ESRCHkevlo2008-09-041-10/+10
* Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed threadattilio2008-08-284-5/+4
* More fully audit fexecve(2) and its arguments.rwatson2008-08-251-0/+7
* Use ERANGE instead of EOVERFLOW selected in r182059, this seems morerwatson2008-08-241-1/+1
* Use sbuf_putc instead of sbuf_cat. This makes more sense, since we arecsjp2008-08-241-1/+1
* Introduce two related changes to the TrustedBSD MAC Framework:rwatson2008-08-2327-161/+456
* When getaudit(2) is unable to fit the terminal IPv6 address into therwatson2008-08-231-1/+1
* Make sure we check the preselection masks present for all audit pipes.csjp2008-08-111-1/+2
* Add sbuf_new_auto as a shortcut for the very common case of creating ades2008-08-091-1/+1
* Minor style tweaks.rwatson2008-08-023-24/+15
* Rename mac_partition_enabled to partition_enabled to synchronize withrwatson2008-08-021-3/+3
* In mac_bsdextended's auditctl and acct policy access control checks,rwatson2008-07-311-11/+8
* Currently, BSM audit pathname token generation for chrooted or jailedcsjp2008-07-311-55/+93
* Further synchronization of copyrights, licenses, white space, etc fromrwatson2008-07-319-11/+10
* Minor white space tweak.rwatson2008-07-231-1/+1
* If an AUE_SYSCTL_NONADMIN audit event is selected, generate a recordrwatson2008-07-221-0/+1
* Further minor style fixes to audit.rwatson2008-07-221-5/+10
* Remove unneeded \ at the end of a macro.rwatson2008-07-221-1/+1
* Further minor white space tweaks.rwatson2008-07-221-2/+2
* Generally avoid <space><tab> as a white space anomoly.rwatson2008-07-225-18/+18
* Use #define<tab> rather than #define<space>.rwatson2008-07-222-9/+9
* Comment fix.rwatson2008-07-221-1/+1
* Comment typo fix.rwatson2008-07-221-1/+1
* Minor white space synchronization to Apple version of security audit.rwatson2008-07-221-4/+4
* In preparation to sync Apple and FreeBSD versions of security audit,rwatson2008-07-229-18/+18
* Use unsigned int when iterating over groupsets in audit_arg_groupset().rwatson2008-07-221-1/+1
* Rework the lifetime management of the kernel implementation of POSIXjhb2008-06-277-42/+136
* Add missing counter increments for posix shm checks.jhb2008-06-261-0/+5
* Remove the posixsem_check_destroy() MAC check. It is semantically identicaljhb2008-06-237-39/+0
* The TrustedBSD MAC Framework named struct ipq instances 'ipq', which is therwatson2008-06-138-74/+73
* Don't enforce unique device minor number policy anymore.ed2008-06-111-1/+1
* When the file-system containing the audit log file is running low onsimon2008-06-101-1/+3
* Add an XXX comment regarding a bug I introduced when modifying the behaviorrwatson2008-06-031-0/+3
* Plug a memory leak which can occur when multiple MAC policies are loadedcsjp2008-05-271-0/+4
* Don't use LK_DRAIN before calling VOP_FSYNC() in the two furtherrwatson2008-05-211-2/+2
* Don't use LK_DRAIN before calling VOP_FSYNC() in the panic case forrwatson2008-05-211-1/+1
OpenPOWER on IntegriCloud