mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-04 01:48:54 +00:00
6e0e67131f
Simple MAC framework policy to disable access to networking for
certain group. Running kldload mac_nonet.ko to load the kernel
module. The load action require root permissions.
Set gid that shouldn't access the network:
sysctl security.mac.nonet.gid=31337
and enable enforcing:
sysctl security.mac.nonet.enabled=1
Any call to socket(2) from user in this group will end with EPERM.
You can also select group that can access only AF_UNIX sockets with
security.mac.nonet.local_gid.
WWW: https://github.com/pbiernacki/mac_nonet
PR: 219376
Submitted by: amutu@amutu.com
Reviewed by: bapt
4 lines
213 B
Plaintext
4 lines
213 B
Plaintext
TIMESTAMP = 1495107566
|
|
SHA256 (pbiernacki-mac_nonet-g20150821-f7e008a_GH0.tar.gz) = 996281aa2e26528cbc4c265101e5f3996958cc816cb3434d412c5b6f51df6604
|
|
SIZE (pbiernacki-mac_nonet-g20150821-f7e008a_GH0.tar.gz) = 1862
|