Document the following MAC policies:

o None: Stub policy
o Seeotheruids: The "see processes and sockets owned by other users" policy
o Test: Debugging policy

Standardize the SYNOPSIS and HISTORY sections.

Update SEE ALSO sections.

share/man/man4/Makefile

@@ -98,6 +98,9 @@ MAN=	aac.4 \
 	mac_biba.4 \
 	mac_bsdextended.4 \
 	mac_mls.4 \
+	mac_none.4 \
+	mac_seeotheruids.4 \
+	mac_test.4 \
 	mouse.4 \
 	mtio.4 \
 	natm.4 \

share/man/man4/mac_biba.4

@@ -36,8 +36,18 @@
 .Nm mac_biba
 .Nd Biba data integrity policy
 .Sh SYNOPSIS
+To compile Biba into your kernel, place the following lines in your kernel
+configuration file:
 .Cd "options MAC"
-.Li "kldload mac_biba"
+.Cd "options MAC_BIBA"
+.Pp
+Alternately, to load the Biba module at boot time, place the following line
+in your kernel configuration file:
+.Cd "options MAC"
+.Pp
+and in
+.Xr loader.conf 5 :
+.Cd mac_biba_load= Ns \&"YES"
 .Sh DESCRIPTION
 The
 .Nm
@@ -165,7 +175,11 @@ Multi-Level Security (MLS) protects the confentiality, rather than the
 integrity, of subjects and objects.
 .Sh SEE ALSO
 .Xr LOMAC 4 ,
+.Xr mac_bsdextended 4 ,
 .Xr mac_mls 4 ,
+.Xr mac_none 4 ,
+.Xr mac_seeotheruids 4 ,
+.Xr mac_test 4 ,
 .Xr mac 9
 .Sh HISTORY
 The

share/man/man4/mac_bsdextended.4

@@ -37,10 +37,21 @@
 .Dt MAC_BSDEXTENDED 4
 .Sh NAME
 .Nm mac_bsdextended
-.Nd subject-object interaction rules policy
+.Nd file system firewall policy
 .Sh SYNOPSIS
-.\" .Cd options MAC_BSDEXTENDED
-.Li kldload mac_bsdextended
+.\" To compile the file system firewall policy into your kernel,
+.\" place the following lines in your kernel configuration file:
+.\" .Cd "options MAC"
+.\" .Cd "options MAC_BSDEXTENDED"
+.\" .Pp
+.\" Alternately, to load the MLS module at boot time, place the following line
+To load the file system firewall policy module at boot time,
+place the following line in your kernel configuration file:
+.Cd "options MAC"
+.Pp
+and in
+.Xr loader.conf 5 :
+.Cd mac_bsdextended_load= Ns \&"YES"
 .Sh DESCRIPTION
 The
 .Nm
@@ -48,6 +59,8 @@ interface provides an interface for the system administrator
 to impose mandatory rules regarding users and some system objects.
 Rules are uploaded to the module
 (typically using
+.Xr ugidfw 8 ,
+or some other tool utilizing
 .Xr libugidfw 3 )
 where they are stored internally
 and used to determine whether to allow or deny specific accesses
@@ -65,13 +78,19 @@ is found,
 or the end of the list is reached.
 .Sh SEE ALSO
 .Xr libugidfw 3 ,
+.Xr mac_biba 4 ,
+.Xr mac_mls 4 ,
+.Xr mac_none 4 ,
+.Xr mac_seeotheruids 4 ,
+.Xr mac_test 4 ,
 .Xr ugidfw 8 ,
 .Xr mac 9
 .Sh HISTORY
 The
 .Nm
-interface was first introduced in
-.Fx 5.0 .
+policy module first appeared in
+.Fx 5.0
+and was developed by the TrustedBSD Project.
 .Sh AUTHORS
 This software was contributed to the
 .Fx

share/man/man4/mac_mls.4

@@ -172,8 +172,13 @@ in order to change network interface MLS labels.
 This will eventually go away, but it is currently a liability and may
 allow the superuser to bypass MLS protections.
 .Sh SEE ALSO
-.Xr maclabel 7 ,
 .Xr mac_biba 4 ,
+.Xr mac_bsdextended 4 ,
+.Xr mac_mls 4 ,
+.Xr mac_none 4 ,
+.Xr mac_seeotheruids 4 ,
+.Xr mac_test 4
+.Xr maclabel 7 ,
 .Xr mac 9
 .Sh HISTORY
 The

share/man/man4/mac_none.4

@@ -0,0 +1,93 @@
+.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates Labs,
+.\" the Security Research Division of Network Associates, Inc. under
+.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
+.\" DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd DECEMBER 1, 2002
+.Os
+.Dt MAC_NONE 4
+.Sh NAME
+.Nm mac_none
+.Nd sample MAC policy module
+.Sh SYNOPSIS
+To compile the sample policy
+into your kernel, place the following lines in your kernel
+configuration file:
+.Cd "options MAC"
+.Cd "options MAC_NONE"
+.Pp
+Alternately, to load the sample module at boot time, place the following line
+in your kernel configuration file:
+.Cd "options MAC"
+.Pp
+and in
+.Xr loader.conf 5 :
+.Cd mac_none_load= Ns \&"YES"
+.Sh DESCRIPTION
+The
+.Nm
+policy module implements a sample MAC policy that has no effect on
+access control in the system.
+Each MAC entry point is a
+.Dq no-op .
+.Ss Label Format
+No labels are defined for
+.Nm .
+.Sh SEE ALSO
+.Xr mac_biba 4 ,
+.Xr mac_bsdextended 4 ,
+.Xr mac_mls 4 ,
+.Xr mac_seeotheruids 4 ,
+.Xr mac_test 4 ,
+.Xr mac 9
+.Sh HISTORY
+The
+.Nm
+policy module first appeared in
+.Fx 5.0
+and was developed by the TrustedBSD Project.
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
+.Sh BUGS
+See
+.Xr mac 9
+concerning appropriateness for production use.
+The TrustedBSD MAC Framework is considered experimental in
+.Fx .
+.Pp
+While the MAC Framework design is intended to support the containment of  
+the root user, not all attack channels are currently protected by entry
+point checks.
+As such, MAC Framework policies should not be relied on, in isolation,
+to protect against a malicious privileged user.

share/man/man4/mac_seeotheruids.4

@@ -0,0 +1,113 @@
+.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates Labs,
+.\" the Security Research Division of Network Associates, Inc. under
+.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
+.\" DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd DECEMBER 8, 2002
+.Os
+.Dt MAC_SEEOTHERUIDS 4
+.Sh NAME
+.Nm mac_seeotheruids
+.Nd simple policy controlling whether users see other users
+.Sh SYNOPSIS
+To compile the mac_seeotheruids
+policy into your kernel, place the following lines in your kernel
+configuration file:
+.Cd "options MAC"
+.Cd "options MAC_SEEOTHERUIDS"
+.Pp
+Alternately, to load the module at boot time, place the following line
+in your kernel configuration file:
+.Cd "options MAC"
+.Pp
+and in
+.Xr loader.conf.5 :
+.Cd mac_seeotheruids_load= Ns \&"YES"
+.Sh DESCRIPTION
+The
+.Nm
+policy module, when enabled, denies users to see processes or sockets owned
+by other users.
+.Pp
+To enable
+.Nm ,
+set the sysctl OID
+.Va security.mac.seeotheruids.enabled
+to
+.Li 1 .
+.Pp
+To allow users to see processes and sockets owned by the same primary group,
+set the sysctl OID
+.Va security.mac.seeotheruids.primarygroup_enabled
+to
+.Li 1 .
+.Pp
+To allow processes with a specific group ID to be exempt from the policy,
+set the sysctl OID
+.Va security.mac.seeotheruids.specificgid_enabled
+to
+.Li 1 ,
+and
+.Va security.mac.seeotheruids.specificgid
+to the gid to be exempted.
+.Ss Label Format
+No labels are defined for
+.Nm .
+.Sh SEE ALSO
+.Xr mac_biba 4 ,
+.Xr mac_bsdextended 4 ,
+.Xr mac_mls 4 ,
+.Xr mac_none 4 ,
+.Xr mac_test 4 ,
+.Xr mac 9
+.Sh HISTORY
+The
+.Nm
+policy module first appeared in
+.Fx 5.0
+and was developed by the TrustedBSD Project.
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
+.Sh BUGS
+See
+.Xr mac 9
+concerning appropriateness for production use.
+The TrustedBSD MAC Framework is considered experimental in
+.Fx .
+.Pp
+While the MAC Framework design is intended to support the containment of
+the root user, not all attack channels are currently protected by entry
+point checks.
+As such, MAC Framework policies should not be relied on, in isolation,
+to protect against a malicious privileged user.

share/man/man4/mac_stub.4

@@ -0,0 +1,93 @@
+.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates Labs,
+.\" the Security Research Division of Network Associates, Inc. under
+.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
+.\" DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd DECEMBER 1, 2002
+.Os
+.Dt MAC_NONE 4
+.Sh NAME
+.Nm mac_none
+.Nd sample MAC policy module
+.Sh SYNOPSIS
+To compile the sample policy
+into your kernel, place the following lines in your kernel
+configuration file:
+.Cd "options MAC"
+.Cd "options MAC_NONE"
+.Pp
+Alternately, to load the sample module at boot time, place the following line
+in your kernel configuration file:
+.Cd "options MAC"
+.Pp
+and in
+.Xr loader.conf 5 :
+.Cd mac_none_load= Ns \&"YES"
+.Sh DESCRIPTION
+The
+.Nm
+policy module implements a sample MAC policy that has no effect on
+access control in the system.
+Each MAC entry point is a
+.Dq no-op .
+.Ss Label Format
+No labels are defined for
+.Nm .
+.Sh SEE ALSO
+.Xr mac_biba 4 ,
+.Xr mac_bsdextended 4 ,
+.Xr mac_mls 4 ,
+.Xr mac_seeotheruids 4 ,
+.Xr mac_test 4 ,
+.Xr mac 9
+.Sh HISTORY
+The
+.Nm
+policy module first appeared in
+.Fx 5.0
+and was developed by the TrustedBSD Project.
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
+.Sh BUGS
+See
+.Xr mac 9
+concerning appropriateness for production use.
+The TrustedBSD MAC Framework is considered experimental in
+.Fx .
+.Pp
+While the MAC Framework design is intended to support the containment of  
+the root user, not all attack channels are currently protected by entry
+point checks.
+As such, MAC Framework policies should not be relied on, in isolation,
+to protect against a malicious privileged user.

share/man/man4/mac_test.4

@@ -0,0 +1,99 @@
+.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" All rights reserved.
+.\" 
+.\" This software was developed for the FreeBSD Project by Chris
+.\" Costello at Safeport Network Services and Network Associates Labs,
+.\" the Security Research Division of Network Associates, Inc. under
+.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
+.\" DARPA CHATS research program.
+.\" 
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\" 
+.\" $FreeBSD$
+.Dd DECEMBER 1, 2002
+.Os
+.Dt MAC_TEST 4
+.Sh NAME
+.Nm mac_test
+.Nd MAC framework testing policy
+.Sh SYNOPSIS
+To compile the testing policy
+into your kernel, place the following lines in your kernel
+configuration file:
+.Cd "options MAC"
+.Cd "options MAC_TEST"
+.Pp
+Alternately, to load the testing module at boot time, place the following line
+in your kernel configuration file:
+.Cd "options MAC"
+.Pp
+and in
+.Xr loader.conf.5 :
+.Cd mac_test_load= Ns \&"YES"
+.Sh DESCRIPTION
+The
+.Nm
+policy module implements a testing facility for the MAC framework.
+Among other things,
+.Nm
+will try to catch corrupt labels the system is attempting to destroy and
+drop to the debugger.
+Additionally, a set of statistics regarding the number of times various
+MAC framework entry points have been called is stored in the
+.Va security.mac.test
+.Xr sysctl 8
+tree.
+.Ss Label Format
+No labels are defined for
+.Nm .
+.Sh SEE ALSO
+.Xr mac_biba 4 ,
+.Xr mac_bsdextended 4 ,
+.Xr mac_mls 4 ,
+.Xr mac_none 4 ,
+.Xr mac_seeotheruids 4 ,
+.Xr mac 9
+.Sh HISTORY
+The
+.Nm
+policy module first appeared in
+.Fx 5.0
+and was developed by the TrustedBSD Project.
+.Sh AUTHORS
+This software was contributed to the
+.Fx
+Project by Network Associates Labs,
+the Security Research Division of Network Associates
+Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
+as part of the DARPA CHATS research program.
+.Sh BUGS
+See
+.Xr mac 9
+concerning appropriateness for production use.
+The TrustedBSD MAC Framework is considered experimental in
+.Fx .
+.Pp
+While the MAC Framework design is intended to support the containment of
+the root user, not all attack channels are currently protected by entry
+point checks.
+As such, MAC Framework policies should not be relied on, in isolation,
+to protect against a malicious privileged user.