mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-18 10:35:55 +00:00
Add an initial lomac(4) manpage.
Sponsored by: DARPA, NAI Labs (CBOSS project)
This commit is contained in:
parent
93c72bff49
commit
4085c80697
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=86698
@ -72,6 +72,7 @@ MAN= aac.4 \
|
||||
ktr.4 \
|
||||
lge.4 \
|
||||
lo.4 \
|
||||
lomac.4 \
|
||||
lp.4 \
|
||||
lpbb.4 \
|
||||
lpt.4 \
|
||||
|
133
share/man/man4/lomac.4
Normal file
133
share/man/man4/lomac.4
Normal file
@ -0,0 +1,133 @@
|
||||
.\" Copyright (c) 2001 Networks Associates Technologies, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by NAI Labs, the
|
||||
.\" Security Research Division of Network Associates, Inc. under
|
||||
.\" DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
|
||||
.\" CHATS research program.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that the following conditions
|
||||
.\" are met:
|
||||
.\" 1. Redistributions of source code must retain the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer.
|
||||
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer in the
|
||||
.\" documentation and/or other materials provided with the distribution.
|
||||
.\" 3. The name of the author may not be used to endorse or promote
|
||||
.\" products derived from this software without specific prior written
|
||||
.\" permission.
|
||||
.\"
|
||||
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.Dd November 20, 2001
|
||||
.Dt LOMAC 4
|
||||
.Os FreeBSD 5.0
|
||||
.Sh NAME
|
||||
.Nm LOMAC
|
||||
.Nd Low-Watermark Mandatory Access Control security facility
|
||||
.Sh USAGE
|
||||
.Dl # /sbin/kldload lomac
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
module provides a drop-in security mechanism in addition to the traditional
|
||||
POSIX uid-based security facilities, requiring no additional configuration
|
||||
from the administrator.
|
||||
.Nm
|
||||
aims to be two things: it is non-intrusive, so that the system with
|
||||
.Nm
|
||||
will not feel largely different from the system without it, and will not
|
||||
require much modification to intialize; it is also comprehensive enough
|
||||
that a majority of attacks to compromise a system should fail.
|
||||
.Pp
|
||||
To this end, each process on the system will have a label of several
|
||||
attributes, including a "high" or "low" security level, attached to it,
|
||||
and these labels of integrity will be managed with a system cognizant
|
||||
of IPC (signals, debugging, sockets, pipes), path-based filesystem
|
||||
labels, virtual memory objects, and privileged system calls.
|
||||
A process (or set of vmspace-sharing processes) will initially inherit
|
||||
the integrity level of its parent, which, at the point of
|
||||
.Nm
|
||||
being started with
|
||||
.Xr kldload 8 ,
|
||||
will be high.
|
||||
If it reads lower-integrity data from one of the controlled mechanisms,
|
||||
it will then decrease its integrity level, and access to modify
|
||||
higher-integrity data will be revoked.
|
||||
.Sh IMPLEMENTATION NOTES
|
||||
.Nm
|
||||
on
|
||||
.Fx ,
|
||||
as implemented currently, should properly respect all aspects of any
|
||||
.Xr chroot 8
|
||||
or
|
||||
.Xr jail 8
|
||||
operation performed after it has been initialized.
|
||||
Pre-existing jail or chroot environments may not necessarily work
|
||||
completely.
|
||||
.Nm 's
|
||||
filesystem should correctly respect the caching behavior of any of the
|
||||
system's filesystems, and so work for any "normal" or "synthetic"
|
||||
fileystems.
|
||||
After loaded, another root
|
||||
.Xr mount 8
|
||||
will exist on the system and appear as type "lomacfs".
|
||||
.Sh FILES
|
||||
See
|
||||
.Pa /sys/security/lomac/policy_plm.h
|
||||
for specific information on exactly how
|
||||
.Nm
|
||||
has been compiled to control access to the filesystem.
|
||||
.Sh COMPATIBILITY
|
||||
Some programs, for example
|
||||
.Xr syslogd 8 ,
|
||||
may need to be restarted after
|
||||
.Nm
|
||||
is initialized for them to continue proper operation.
|
||||
This version of
|
||||
.Nm
|
||||
has not had widespread testing, so some common programs have probably
|
||||
not been tested and could have issues that need to be worked around or
|
||||
fixed.
|
||||
.Sh SEE ALSO
|
||||
.Xr kldload 8
|
||||
.Sh HISTORY
|
||||
.Nm
|
||||
was initially implemented for Linux systems over the past several years.
|
||||
Since then, this implementation was created via funding from the
|
||||
United States DARPA.
|
||||
See the copyright for details.
|
||||
.Sh AUTHORS
|
||||
.Bl -item
|
||||
.Li An Brian Fundakowski Feldman Aq bfeldman@tislabs.com
|
||||
.Li An Timothy Fraser Aq tfraser@tislabs.com
|
||||
.El
|
||||
.Sh BUGS
|
||||
.Nm
|
||||
has not gone through widespread testing yet, so many problems may still exist.
|
||||
There is still yet one unfixed panic which is reproduceable under load
|
||||
(
|
||||
.Xr vrele 9
|
||||
begin called too many times).
|
||||
The operation of
|
||||
.Xr mount 2
|
||||
and
|
||||
.Xr unmount 2
|
||||
may not work properly or at all once
|
||||
.Nm
|
||||
has been loaded.
|
||||
After being loaded, the system must be restarted to revert to a state
|
||||
without
|
||||
.Nm .
|
Loading…
Reference in New Issue
Block a user