Page MenuHomeFreeBSD

MAC/do: add exec whitelist/blacklist support for mac_do consumers
Needs ReviewPublic

Authored by polyduekes_proton.me on Thu, Jul 2, 9:04 PM.

Details

Reviewers
olce
bapt
markj
Summary

this adds support for an optional exec paths list to the
security.mac.do.rules sysctl which allows for a whitelist
/blacklist for paths allowed to be exec'ed by userland
supervisors such as mdo

Signed-off-by: polyduekes <polyduekes@proton.me>

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 74488
Build 71371: arc lint + arc unit