]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
projects / FreeBSD / FreeBSD.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 96c33a0) | patch
Expand scope of the MLS policy to include a new entry point available
authorRobert Watson <rwatson@FreeBSD.org>
Tue, 25 Mar 2003 01:16:10 +0000 (01:16 +0000)
committerRobert Watson <rwatson@FreeBSD.org>
Tue, 25 Mar 2003 01:16:10 +0000 (01:16 +0000)
commit4c64787a5b5839489ed2740d7d1140180d74d16a
tree81bd1a5d7c5df1e1fbf23e4ee82180be119d8cbdtree | snapshot
parent96c33a0ceae001e80cfb7cae3bdd9d7bf38baa01commit | diff
Expand scope of the MLS policy to include a new entry point available
for enforcement:

  mac_mls_check_system_swapon() - Require that the subject and the
  swapfile target vnode labels dominate one another.  An additional
  check is probably needed here to require that the swapfile target
  has a label of mls/high to prevent information leakage through
  swapfiles.

Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
sys/security/mac_mls/mac_mls.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.