Create releng/7.2 from stable/7 in preparation for 7.2-RELEASE.

[FreeBSD/releng/7.2.git] / lib / libc / posix1e / mac.3

.\" Copyright (c) 2001, 2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by Chris
.\" Costello at Safeport Network Services and Network Associates
.\" Laboratories, the Security Research Division of Network Associates,
.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
.\" of the DARPA CHATS research program.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.\"
.Dd April 19, 2003
.Dt MAC 3
.Os
.Sh NAME
.Nm mac
.Nd introduction to the MAC security API
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In sys/mac.h
.Pp
In the kernel configuration file:
.Cd "options MAC"
.Sh DESCRIPTION
.Fx
permits administrators to define Mandatory Access Control labels
defining levels for the privacy and integrity of data,
overriding discretionary policies
for those objects.
Not all objects currently provide support for MAC labels,
and MAC support must be explicitly enabled by the administrator.
The library calls include routines to retrieve, duplicate,
and set MAC labels associated with files and processes.
.Pp
POSIX.1e describes a set of MAC manipulation routines
to manage the contents of MAC labels,
as well as their relationships with
files and processes;
almost all of these support routines
are implemented in
.Fx .
.Pp
Available functions, sorted by behavior, include:
.Bl -tag -width indent
.It Fn mac_get_fd
This function is described in
.Xr mac_get 3 ,
and may be used to retrieve the
MAC label associated with
a specific file descriptor.
.It Fn mac_get_file
This function is described in
.Xr mac_get 3 ,
and may be used to retrieve the
MAC label associated with
a named file.
.It Fn mac_get_proc
This function is described in
.Xr mac_get 3 ,
and may be used to retrieve the
MAC label associated with
the calling process.
.It Fn mac_set_fd
This function is described in
.Xr mac_set 3 ,
and may be used to set the
MAC label associated with
a specific file descriptor.
.It Fn mac_set_file
This function is described in
.Xr mac_set 3 ,
and may be used to set the
MAC label associated with
a named file.
.It Fn mac_set_proc
This function is described in
.Xr mac_set 3 ,
and may be used to set the
MAC label associated with
the calling process.
.It Fn mac_free
This function is described in
.Xr mac_free 3 ,
and may be used to free
userland working MAC label storage.
.It Fn mac_from_text
This function is described in
.Xr mac_text 3 ,
and may be used to convert
a text-form MAC label
into a working
.Vt mac_t .
.It Fn mac_prepare
.It Fn mac_prepare_file_label
.It Fn mac_prepare_ifnet_label
.It Fn mac_prepare_process_label
These functions are described in
.Xr mac_prepare 3 ,
and may be used to preallocate storage for MAC label retrieval.
.Xr mac_prepare 3
prepares a label based on caller-specified label names; the other calls
rely on the default configuration specified in
.Xr mac.conf 5 .
.It Fn mac_to_text
This function is described in
.Xr mac_text 3 ,
and may be used to convert a
.Vt mac_t
into a text-form MAC label.
.El
The behavior of some of these calls is influenced by the configuration
settings found in
.Xr mac.conf 5 ,
the MAC library run-time configuration file.
.Sh IMPLEMENTATION NOTES
.Fx Ns 's
support for POSIX.1e interfaces and features
is
.Ud .
.Sh FILES
.Bl -tag -width ".Pa /etc/mac.conf" -compact
.It Pa /etc/mac.conf
MAC library configuration file, documented in
.Xr mac.conf 5 .
Provides default behavior for applications aware of MAC labels on
system objects, but without policy-specific knowledge.
.El
.Sh SEE ALSO
.Xr mac_free 3 ,
.Xr mac_get 3 ,
.Xr mac_prepare 3 ,
.Xr mac_set 3 ,
.Xr mac_text 3 ,
.Xr mac 4 ,
.Xr mac.conf 5 ,
.Xr mac 9
.Sh STANDARDS
These APIs are loosely based on the APIs described in POSIX.1e.
POSIX.1e is described in IEEE POSIX.1e draft 17.
Discussion of the draft
continues on the cross-platform POSIX.1e implementation mailing list.
To join this list, see the
.Fx
POSIX.1e implementation page
for more information.
However, the resemblance of these APIs to the POSIX APIs is only loose,
as the POSIX APIs were unable to express many notions required for
flexible and extensible access control.
.Sh HISTORY
Support for Mandatory Access Control was introduced in
.Fx 5.0
as part of the
.Tn TrustedBSD
Project.
.Sh BUGS
The
.Tn TrustedBSD
MAC Framework and associated policies, interfaces, and
applications are considered to be an experimental feature in
.Fx .
Sites considering production deployment should keep the experimental
status of these services in mind during any deployment process.
See also
.Xr mac 9
for related considerations regarding the kernel framework.