Add some filler text regarding MAC userland APIs until we have a table

in place.
svn path=/head/; revision=15406
2002-12-22 05:09:15 +00:00 · 2002-12-22 05:09:15 +00:00 · d5f12ddfea · 2020-12-08 03:00:23 +00:00
commit d5f12ddfea
parent 5959fcca17
2 changed files with 36 additions and 2 deletions
--- a/en_US.ISO8859-1/books/arch-handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/arch-handbook/mac/chapter.sgml
@ -5659,7 +5659,24 @@ Label destruction                         o</programlisting>
  <sect1 id="mac-userland-api">
    <title>Userland APIs</title>
    
-    <para>The userland API is still under development.</para>
+    <para>The TrustedBSD MAC Framework provides a number of
+      Application Programming Interfaces (APIs) to that permit
+      user applications to interact with security labels and
+      policies.  Several categories of interfaces are available
+      to applications: library calls to convert label data to
+      and from user-chewable text strings based on a central
+      configuration, and system calls and ioctls to retrieve
+      and manipulate labels on kernel-maintained objects.  In
+      addition, interfaces are provided to permit atomic
+      changing of the process label when a new file is executed,
+      as well as a multiplexor system call permitting policies
+      to export functionality without reserving system call
+      numbers.  Finally, modules may be loaded and unloaded
+      using the existing module management interfaces.</para>
+
+    <para>A list of calls with cross-references will go here
+      soon.</para>
+
  </sect1>
  
  <sect1 id="mac-sample-modules">
--- a/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/developers-handbook/mac/chapter.sgml
@ -5659,7 +5659,24 @@ Label destruction                         o</programlisting>
  <sect1 id="mac-userland-api">
    <title>Userland APIs</title>
    
-    <para>The userland API is still under development.</para>
+    <para>The TrustedBSD MAC Framework provides a number of
+      Application Programming Interfaces (APIs) to that permit
+      user applications to interact with security labels and
+      policies.  Several categories of interfaces are available
+      to applications: library calls to convert label data to
+      and from user-chewable text strings based on a central
+      configuration, and system calls and ioctls to retrieve
+      and manipulate labels on kernel-maintained objects.  In
+      addition, interfaces are provided to permit atomic
+      changing of the process label when a new file is executed,
+      as well as a multiplexor system call permitting policies
+      to export functionality without reserving system call
+      numbers.  Finally, modules may be loaded and unloaded
+      using the existing module management interfaces.</para>
+
+    <para>A list of calls with cross-references will go here
+      soon.</para>
+
  </sect1>
  
  <sect1 id="mac-sample-modules">