aboutsummaryrefslogtreecommitdiff
path: root/sys/security/mac_bsdextended/mac_bsdextended.c
Commit message (Expand)AuthorAgeFilesLines
* Deduplicate fsid comparisonsRyan Moeller2020-05-211-3/+2
* Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many)Pawel Biernacki2020-02-261-1/+2
* Remove unused argument to priv_check_cred.Mateusz Guzik2018-12-111-6/+5
* Correct bitwise test in mac_bsdextended ugidfw_rule_valid()Ed Maste2017-06-131-1/+1
* Pull in r267961 and r267973 again. Fix for issues reported will follow.Hans Petter Selasky2014-06-281-2/+1
* Revert r267961, r267973:Glen Barber2014-06-271-1/+2
* Extend the meaning of the CTLFLAG_TUN flag to automatically check ifHans Petter Selasky2014-06-271-2/+1
* Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.Ed Schouten2011-11-071-2/+2
* Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.Ed Schouten2011-11-071-1/+2
* Add hierarchical jails. A jail may further virtualize its environmentJamie Gritton2009-05-271-2/+2
* Get rid of VSTAT and replace it with VSTAT_PERMS, which is somewhatEdward Tomasz Napierala2009-03-291-2/+2
* Mark the bsdextended rules sysctl as being mpsafe.Christian S.J. Peron2009-03-091-2/+2
* Rather than having MAC policies explicitly declare what object typesRobert Watson2009-01-101-1/+1
* MFp4:Bjoern A. Zeeb2008-11-291-0/+1
* The V* flags passed using an accmode_t to the access() and open()Robert Watson2008-10-301-1/+22
* When the mac_bsdextended policy is unloaded, free rule memory.Robert Watson2008-10-271-0/+5
* Break mac_bsdextended.c out into multiple .c files, with the base accessRobert Watson2008-10-271-272/+3
* Fix a number of style issues in the MALLOC / FREE commit. I've tried toDag-Erling Smørgrav2008-10-231-1/+2
* Retire the MALLOC and FREE macros. They are an abomination unto style(9).Dag-Erling Smørgrav2008-10-231-3/+2
* Remove the suser(9) interface from the kernel. It has been replaced fromAttilio Rao2008-09-171-8/+24
* Remove VSVTX, VSGID and VSUID. This should be a no-op,Edward Tomasz Napierala2008-09-101-2/+3
* Decontextualize the couplet VOP_GETATTR / VOP_SETATTR as the passed threadAttilio Rao2008-08-281-1/+1
* Introduce two related changes to the TrustedBSD MAC Framework:Robert Watson2008-08-231-1/+1
* In mac_bsdextended's auditctl and acct policy access control checks,Robert Watson2008-07-311-11/+8
* Resort TrustedBSD MAC Framework policy entry point implementations andRobert Watson2007-10-291-0/+4
* Consistently name functions for mac_<policy> as <policy>_whatever ratherRobert Watson2007-10-251-133/+131
* Merge first in a series of TrustedBSD MAC Framework KPI changesRobert Watson2007-10-241-58/+62
* Rename mac_check_vnode_delete() MAC Framework and MAC Policy entryRobert Watson2007-09-101-14/+14
* In preparation for 7.0 privilege cleanup, clean up style:Robert Watson2007-07-051-83/+28
* Include priv.h to pick up suser(9) definitions, missed in an earlierRobert Watson2007-06-131-0/+1
* Apply variable name normalization to MAC policies: adopt global conventionsRobert Watson2007-04-231-32/+35
* Allow MAC policy modules to control access to audit configuration systemRobert Watson2007-04-211-0/+27
* More unnecessary include reduction.Robert Watson2007-02-231-17/+2
* Move mapping of MBI_APPEND to MBI_WRITE from inside the rule loop inRobert Watson2007-02-201-9/+8
* Continue 7-CURRENT MAC Framework rearrangement and cleanup:Robert Watson2007-02-061-1/+0
* Move src/sys/sys/mac_policy.h, the kernel interface between the MACRobert Watson2006-12-221-2/+1
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningRobert Watson2006-11-061-0/+3
* Add some new options to mac_bsdestended. We can now match on:David Malone2006-04-231-25/+158
* Create a mac_bsdextended_check_vp function that takes a cred, aDavid Malone2006-03-041-280/+43
* Fix potential overrun of static stack allocated array which storesChristian S.J. Peron2006-01-151-1/+1
* If a "hole" opens up in the ruleset (i.e.: remove 5), do not returnTom Rhodes2005-07-281-5/+2
* Add locking support to mac_bsdextended:Tom Rhodes2005-04-221-37/+67
* Minor white space synchronization and line wrapping.Robert Watson2004-10-221-0/+1
* Bump copyright dates for NETA on these files.Robert Watson2004-10-211-1/+1
* Modify mac_bsdextended policy so that it defines its own vnode accessRobert Watson2004-10-211-33/+59
* Remove the debugging tunable, it was not being used.Tom Rhodes2004-09-101-10/+1
* Allow mac_bsdextended(4) to log failed attempts to syslog's AUTHPRIVTom Rhodes2004-08-211-5/+19
* Give the mac_bsdextended(4) policy the ability to match and apply on a firstTom Rhodes2004-08-211-2/+21
* Allow an effective uid of root to bypass mac_bsdextended rules; the MACRobert Watson2004-07-231-0/+3
* Update my personal copyrights and NETA copyrights in the kernelRobert Watson2004-02-221-2/+2