mirror of
https://github.com/opnsense/src.git
synced 2026-05-20 00:45:45 -04:00
2a1c79af92
policies remains the same: subjects and objects are labeled for integrity or sensitivity, and a dominance operator determines whether or not subject/object accesses are permitted to limit inappropriate information flow. Compartments are a non-hierarchal component to the label, so add a bitfield to the label element for each, and a set check as part of the dominance operator. This permits the implementation of "need to know" elements of MLS. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories |
||
|---|---|---|
| .. | ||
| mac_framework.c | ||
| mac_framework.h | ||
| mac_internal.h | ||
| mac_net.c | ||
| mac_pipe.c | ||
| mac_policy.h | ||
| mac_process.c | ||
| mac_syscalls.c | ||
| mac_system.c | ||
| mac_vfs.c | ||