mac_biba mac_mls

V

Viatcheslav

Hello!

Need help.

I want to start /sbin/init with labels biba/equal(low-high),mls/equal(low-high) such as a kernels processes

Code: 
# uname -a
FreeBSD test.bmstu.ru 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19
02:55:53 UTC 2010     root@almeida.cse.buffalo.edu:/usr/obj/usr/src/
sys/GENERIC  i386

Code: 
# cat /boot/loader.conf
mac_mls_load="YES"
mac_biba_load="YES"

Code: 
# cat /etc/mac.conf
...
default_labels process biba,mls
...

Code: 
# cat /etc/login.conf
...
default:\
...
  :label=biba/equal(low-high),mls/equal(low-high):


# cap_mkdb /etc/login.conf


# pw usermod root -L default

Code: 
# ps -axZ
LABEL                                      PID  TT  STAT      TIME   COMMAND
biba/equal(low-high),mls/equal(low-high)     0  ??  DLs    0:42.40 [kernel]
biba/high(low-high),mls/low(low-high)        1  ??  ILs    0:00.03 /sbin/init --
biba/equal(low-high),mls/equal(low-high)     2  ??  DL     0:25.76 [g_event]
.....

Thanks!
 
Author is Sergey Varnava from Bauman Moscow State Technical University

Code: 
# rcsdiff /usr/src/sys/security/mac_mls/mac_mls.c 
===================================================================
RCS file: /usr/src/sys/security/mac_mls/mac_mls.c,v
retrieving revision 1.1
diff -r1.1 /usr/src/sys/security/mac_mls/mac_mls.c
875c875
<       mls_set_effective(dest, MAC_MLS_TYPE_LOW, 0, NULL);
---
>       mls_set_effective(dest, MAC_MLS_TYPE_EQUAL, 0, NULL);

# rcsdiff /usr/src/sys/security/mac_biba/mac_biba.c
===================================================================
RCS file: /usr/src/sys/security/mac_biba/mac_biba.c,v
retrieving revision 1.1
diff -r1.1 /usr/src/sys/security/mac_biba/mac_biba.c
915c915
<       biba_set_effective(dest, MAC_BIBA_TYPE_HIGH, 0, NULL);
---
>       biba_set_effective(dest, MAC_BIBA_TYPE_EQUAL, 0, NULL);
 
You must log in or register to reply here.
Back
Top