Technical corrections.
Confirmed with: rwatson
This commit is contained in:
Murray Stokely
parent
f50407f8fc
commit
6ee331fa0a
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=21435
1 changed files with 7 additions and 5 deletions
|
|
@ -20,7 +20,7 @@
|
|||
<title>Synopsis</title>
|
||||
|
||||
<indexterm><primary>MAC</primary></indexterm>
|
||||
<indexterm><primary>Mandatory Access Controls</primary></indexterm>
|
||||
<indexterm><primary>Mandatory Access Control</primary></indexterm>
|
||||
|
||||
<para>The TrustedBSD project was founded to meet the rising
|
||||
security requirements of modern operating systems. This project
|
||||
|
|
@ -32,15 +32,17 @@
|
|||
(<acronym>ACLs</acronym>) and Mandatory Access Control
|
||||
(<acronym>MAC</acronym>) mechanisms.</para>
|
||||
|
||||
<para>So what is <acronym>MAC</acronym>? Mandatory Access Controls
|
||||
are rules that control how users access a system in order to
|
||||
<para>So what is <acronym>MAC</acronym>? Mandatory Access Control
|
||||
is a mechanism that allows the system administrator to define
|
||||
the protection decisions for system objects. The administrator
|
||||
can define a policy to
|
||||
prohibit the unauthorized disclosure of any system or user data;
|
||||
or provide for the indefinite integrity of system objects or
|
||||
subjects. For a definition of what objects and subjects are,
|
||||
see below. The mandatory part of the definition comes from the
|
||||
fact that the enforcement of the controls is done by
|
||||
administrators and the system, and is not left up to the
|
||||
discretion of users as is done with discretionary access controls
|
||||
discretion of users as is done with discretionary access control
|
||||
(<acronym>DAC</acronym>, the normal access method).</para>
|
||||
|
||||
<para>This entire chapter will focus primarily on the
|
||||
|
|
@ -937,7 +939,7 @@ test: biba/high</screen>
|
|||
enable/disable the policy completely.<footnote><para>Due to
|
||||
a bug the <literal>security.mac.portacl.enabled</literal>
|
||||
<command>sysctl</command> variable will not work on
|
||||
&os; 5.2 or previous releases.</para></footnote></para>
|
||||
&os; 5.2.1 or previous releases.</para></footnote></para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
|
|
|
|||
Loading…
Reference in a new issue