Slightly flesh out the synopsis: this chapter is not just about MAC

policies, but more generally about a framework for access control extension. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
svn path=/head/; revision=16598
2003-04-19 00:56:54 +00:00 · 2003-04-19 00:56:54 +00:00 · 6304541cd0 · 2020-12-08 03:00:23 +00:00
commit 6304541cd0
parent 27869157cf
2 changed files with 22 additions and 8 deletions
--- a/en_US.ISO8859-1/books/arch-handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/arch-handbook/mac/chapter.sgml
@ -112,10 +112,17 @@
  <sect1 id="mac-synopsis">
    <title>Synopsis</title>
    
-    <para>MAC, or Mandatory Access Control, is a feature introduced by
-      the TrustedBSD Project to supplement the existing standard DAC
-      (Discretionary Access Control) policies of BSD Unix systems.</para>
-    
+    <para>FreeBSD includes experimental support for several
+      mandatory access control policies, as well as a framework
+      for kernel security extensibility, the TrustedBSD MAC
+      Framework.  The MAC Framework provides a pluggable access
+      control framework, permitting new security policies to
+      be easily linked into the kernel, loaded at boot, or loaded
+      dynamically at run-time.  The framework provides a variety
+      of features to make it easier to implement new policies,
+      including the ability to easily tag security labels (such as
+      confidentiality information) onto system objects.</para>
+
    <para>This chapter introduces the MAC policy framework and
      provides documentation for a sample MAC policy module.</para>
  </sect1>
--- a/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml
@ -112,10 +112,17 @@
  <sect1 id="mac-synopsis">
    <title>Synopsis</title>
    
-    <para>MAC, or Mandatory Access Control, is a feature introduced by
-      the TrustedBSD Project to supplement the existing standard DAC
-      (Discretionary Access Control) policies of BSD Unix systems.</para>
-    
+    <para>FreeBSD includes experimental support for several
+      mandatory access control policies, as well as a framework
+      for kernel security extensibility, the TrustedBSD MAC
+      Framework.  The MAC Framework provides a pluggable access
+      control framework, permitting new security policies to
+      be easily linked into the kernel, loaded at boot, or loaded
+      dynamically at run-time.  The framework provides a variety
+      of features to make it easier to implement new policies,
+      including the ability to easily tag security labels (such as
+      confidentiality information) onto system objects.</para>
+
    <para>This chapter introduces the MAC policy framework and
      provides documentation for a sample MAC policy module.</para>
  </sect1>