os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Technical corrections.

Browse source 
Confirmed with:	rwatson
This commit is contained in:
Murray Stokely 2004-07-12 03:24:13 +00:00
parent f50407f8fc
commit 6ee331fa0a
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=21435
1 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
en_US.ISO8859-1/books/handbook/mac/chapter.sgml
View file

@ -20,7 +20,7 @@
<title>Synopsis</title> <title>Synopsis</title>
<indexterm><primary>MAC</primary></indexterm> <indexterm><primary>MAC</primary></indexterm>
<indexterm><primary>Mandatory Access Controls</primary></indexterm> <indexterm><primary>Mandatory Access Control</primary></indexterm>
<para>The TrustedBSD project was founded to meet the rising <para>The TrustedBSD project was founded to meet the rising
security requirements of modern operating systems. This project security requirements of modern operating systems. This project
@ -32,15 +32,17 @@
(<acronym>ACLs</acronym>) and Mandatory Access Control (<acronym>ACLs</acronym>) and Mandatory Access Control
(<acronym>MAC</acronym>) mechanisms.</para> (<acronym>MAC</acronym>) mechanisms.</para>
<para>So what is <acronym>MAC</acronym>? Mandatory Access Controls <para>So what is <acronym>MAC</acronym>? Mandatory Access Control
are rules that control how users access a system in order to is a mechanism that allows the system administrator to define
the protection decisions for system objects. The administrator
can define a policy to
prohibit the unauthorized disclosure of any system or user data; prohibit the unauthorized disclosure of any system or user data;
or provide for the indefinite integrity of system objects or or provide for the indefinite integrity of system objects or
subjects. For a definition of what objects and subjects are, subjects. For a definition of what objects and subjects are,
see below. The mandatory part of the definition comes from the see below. The mandatory part of the definition comes from the
fact that the enforcement of the controls is done by fact that the enforcement of the controls is done by
administrators and the system, and is not left up to the administrators and the system, and is not left up to the
discretion of users as is done with discretionary access controls discretion of users as is done with discretionary access control
(<acronym>DAC</acronym>, the normal access method).</para> (<acronym>DAC</acronym>, the normal access method).</para>
<para>This entire chapter will focus primarily on the <para>This entire chapter will focus primarily on the
@ -937,7 +939,7 @@ test: biba/high</screen>
enable/disable the policy completely.<footnote><para>Due to enable/disable the policy completely.<footnote><para>Due to
a bug the <literal>security.mac.portacl.enabled</literal> a bug the <literal>security.mac.portacl.enabled</literal>
<command>sysctl</command> variable will not work on <command>sysctl</command> variable will not work on
&os;&nbsp;5.2 or previous releases.</para></footnote></para> &os;&nbsp;5.2.1 or previous releases.</para></footnote></para>
</listitem> </listitem>
<listitem> <listitem>