Page MenuHomeFreeBSD
Files F158767187

D2985.id.diff
No OneTemporary
Actions

D2985.id.diff
View Options

Index: head/lib/libc/posix1e/mac.3
===================================================================
--- head/lib/libc/posix1e/mac.3
+++ head/lib/libc/posix1e/mac.3
@@ -31,7 +31,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd August 7, 2009
+.Dd July 25, 2015
.Dt MAC 3
.Os
.Sh NAME
@@ -163,14 +163,3 @@
as part of the
.Tn TrustedBSD
Project.
-.Sh BUGS
-The
-.Tn TrustedBSD
-MAC Framework and associated policies, interfaces, and
-applications are considered to be an experimental feature in
-.Fx .
-Sites considering production deployment should keep the experimental
-status of these services in mind during any deployment process.
-See also
-.Xr mac 9
-for related considerations regarding the kernel framework.
Index: head/lib/libc/posix1e/mac.conf.5
===================================================================
--- head/lib/libc/posix1e/mac.conf.5
+++ head/lib/libc/posix1e/mac.conf.5
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd April 19, 2003
+.Dd July 25, 2015
.Dt MAC.CONF 5
.Os
.Sh NAME
@@ -110,14 +110,3 @@
as part of the
.Tn TrustedBSD
Project.
-.Sh BUGS
-The
-.Tn TrustedBSD
-MAC Framework and associated policies, interfaces, and
-applications are considered to be an experimental feature in
-.Fx .
-Sites considering production deployment should keep the experimental
-status of these services in mind during any deployment process.
-See also
-.Xr mac 9
-for related considerations regarding the kernel framework.
Index: head/share/man/man4/capsicum.4
===================================================================
--- head/share/man/man4/capsicum.4
+++ head/share/man/man4/capsicum.4
@@ -26,7 +26,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd October 19, 2013
+.Dd July 25, 2015
.Dt CAPSICUM 4
.Os
.Sh NAME
@@ -125,7 +125,3 @@
.An Kris Kennaway Aq Mt kris@FreeBSD.org
at Google, Inc., and
.An Pawel Jakub Dawidek Aq Mt pawel@dawidek.net .
-.Sh BUGS
-.Nm
-is considered experimental in
-.Fx .
Index: head/share/man/man4/mac.4
===================================================================
--- head/share/man/man4/mac.4
+++ head/share/man/man4/mac.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd October 30, 2007
+.Dd July 25, 2015
.Dt MAC 4
.Os
.Sh NAME
@@ -239,14 +239,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_ifoff.4
===================================================================
--- head/share/man/man4/mac_ifoff.4
+++ head/share/man/man4/mac_ifoff.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 10, 2002
+.Dd July 25, 2015
.Dt MAC_IFOFF 4
.Os
.Sh NAME
@@ -118,14 +118,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_mls.4
===================================================================
--- head/share/man/man4/mac_mls.4
+++ head/share/man/man4/mac_mls.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 1, 2002
+.Dd July 25, 2015
.Dt MAC_MLS 4
.Os
.Sh NAME
@@ -236,14 +236,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_none.4
===================================================================
--- head/share/man/man4/mac_none.4
+++ head/share/man/man4/mac_none.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 1, 2002
+.Dd July 25, 2015
.Dt MAC_NONE 4
.Os
.Sh NAME
@@ -98,14 +98,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_partition.4
===================================================================
--- head/share/man/man4/mac_partition.4
+++ head/share/man/man4/mac_partition.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 9, 2002
+.Dd July 25, 2015
.Dt MAC_PARTITION 4
.Os
.Sh NAME
@@ -118,14 +118,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_seeotheruids.4
===================================================================
--- head/share/man/man4/mac_seeotheruids.4
+++ head/share/man/man4/mac_seeotheruids.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd October 6, 2005
+.Dd July 25, 2015
.Dt MAC_SEEOTHERUIDS 4
.Os
.Sh NAME
@@ -116,14 +116,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_stub.4
===================================================================
--- head/share/man/man4/mac_stub.4
+++ head/share/man/man4/mac_stub.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 1, 2002
+.Dd July 25, 2015
.Dt MAC_STUB 4
.Os
.Sh NAME
@@ -101,14 +101,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/mac_test.4
===================================================================
--- head/share/man/man4/mac_test.4
+++ head/share/man/man4/mac_test.4
@@ -30,7 +30,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 1, 2002
+.Dd July 25, 2015
.Dt MAC_TEST 4
.Os
.Sh NAME
@@ -102,14 +102,6 @@
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.
.Sh BUGS
-See
-.Xr mac 9
-concerning appropriateness for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.
Index: head/share/man/man4/procdesc.4
===================================================================
--- head/share/man/man4/procdesc.4
+++ head/share/man/man4/procdesc.4
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd August 21, 2013
+.Dd July 25, 2015
.Dt PROCDESC 4
.Os
.Sh NAME
@@ -85,7 +85,3 @@
and
.An Kris Kennaway Aq Mt kris@FreeBSD.org
at Google, Inc.
-.Sh BUGS
-.Nm
-is considered experimental in
-.Fx .
Index: head/share/man/man9/mac.9
===================================================================
--- head/share/man/man9/mac.9
+++ head/share/man/man9/mac.9
@@ -33,7 +33,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd July 10, 2006
+.Dd July 25, 2015
.Dt MAC 9
.Os
.Sh NAME
@@ -62,14 +62,6 @@
Both consumers of the API (normal kernel services) and security modules
must be aware of the semantics of the API calls, particularly with respect
to synchronization primitives (such as locking).
-.Ss Note on Appropriateness for Production Use
-The
-.Tn TrustedBSD
-MAC Framework included in
-.Fx 5.0
-is considered experimental, and should not be deployed in production
-environments without careful consideration of the risks associated with
-the use of experimental operating system features.
.Ss Kernel Objects Supported by the Framework
The MAC framework manages labels on a variety of types of in-kernel
objects, including process credentials, vnodes, devfs_dirents, mount
@@ -232,13 +224,6 @@
and
.An Tim Robbins .
.Sh BUGS
-See the earlier section in this document concerning appropriateness
-for production use.
-The
-.Tn TrustedBSD
-MAC Framework is considered experimental in
-.Fx .
-.Pp
While the MAC Framework design is intended to support the containment of
the root user, not all attack channels are currently protected by entry
point checks.

File Metadata

Mime Type
text/plain
Expires
Sat, Jun 6, 5:10 PM (5 h, 10 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
33761855
Default Alt Text
D2985.id.diff (9 KB)

Event Timeline