opnsense-src

mirror of https://github.com/opnsense/src.git synced 2026-04-22 14:49:36 -04:00

History

Wojciech Macek 15c362aeb7 mac_veriexec: Authorize reads of secured sysctls Writes to sysctls flagged with CTLFLAG_SECURE are blocked if the appropriate secure level is set. mac_veriexec does not behave this way, it blocks such sysctls in read-only mode as well. This change aims to make mac_veriexec behave like secure levels, as it was meant by the original commit `ed377cf41`. Reviewed by: sjg Differential revision: https://reviews.freebsd.org/D34327 Obtained from: Stormshield		2022-06-29 10:48:01 +02:00
..
mac_veriexec.c	mac_veriexec: Authorize reads of secured sysctls	2022-06-29 10:48:01 +02:00
mac_veriexec.h	Add a new ioctl for the larger params struct that includes the label.	2019-05-17 19:27:07 +00:00
mac_veriexec_internal.h	Add a new ioctl for the larger params struct that includes the label.	2019-05-17 19:27:07 +00:00
mac_veriexec_sha1.c
mac_veriexec_sha256.c
mac_veriexec_sha384.c
mac_veriexec_sha512.c
veriexec_fingerprint.c	mac_veriexec_fingerprint_check_vnode: v_writecount > 0 means active writers	2020-06-12 21:51:20 +00:00
veriexec_metadata.c	mac_veriexec: Fix a typo in a source code comment	2022-03-27 19:56:15 +02:00