posix1e -- introduction to the POSIX.1e security API
Standard C Library (libc, -lc)
#include <sys/types.h>
#include <sys/acl.h>
#include <sys/capability.h>
#include <sys/mac.h>
The IEEE POSIX.1e specification never left draft form, but the interfaces
it describes are now widely used despite inherent limitations. Currently,
only a few of the interfaces and features are implemented in
FreeBSD, although efforts are underway to complete the integration at
this time.
POSIX.1e describes five security extensions to the base POSIX.1 API:
Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access
Control, and Information Flow Labels. FreeBSD supports POSIX.1e ACL
interfaces, as well as POSIX.1e-like MAC interfaces. The TrustedBSD
Project has produced but not integrated an implementation of POSIX.1e
Capabilities.
POSIX.1e defines both syntax and semantics for these features, but fairly
substantial changes are required to implement these features in the operating
system.
As shipped, FreeBSD 4.0 provides API and VFS support for ACLs, but not an
implementation on any native file system. FreeBSD 5.0 includes support
for ACLs as part of UFS1 and UFS2, as well as necessary VFS support for
additional file systems to export ACLs as appropriate. Available API
calls relating to ACLs are described in detail in acl(3).
As shipped, FreeBSD 5.0 includes support for Mandatory Access Control as
well as POSIX.1e-like APIs for label management. More information on API
calls relating to MAC is available in mac(3).
Additional patches supporting POSIX.1e features are provided by the
TrustedBSD project:
http://www.TrustedBSD.org/
FreeBSD's support for POSIX.1e interfaces and features is still under
development at this time, and many of these features are considered new
or experimental.
POSIX.1e assigns security labels to all objects, extending the security
functionality described in POSIX.1. These additional labels provide
fine-grained discretionary access control, fine-grained capabilities, and
labels necessary for mandatory access control. POSIX.2c describes a set
of userland utilities for manipulating these labels.
Many of these services are supported by extended attributes, documented
in extattr(2) and extattr(9). While these APIs are not documented in
POSIX.1e, they are similar in structure.
extattr(2), acl(3), mac(3), acl(9), extattr(9), mac(9)
POSIX.1e is described in IEEE POSIX.1e draft 17. Discussion of the draft
continues on the cross-platform POSIX.1e implementation mailing list. To
join this list, see the FreeBSD POSIX.1e implementation page for more
information.
POSIX.1e support was introduced in FreeBSD 4.0; most of the features are
available as of FreeBSD 5.0. Development continues.
Robert N M Watson
Chris D. Faulhaber
Thomas Moestl
Ilmar S Habibulin
Many of these features are considered new or experimental in FreeBSD 5.0
and should be deployed with appropriate caution.
FreeBSD 5.2.1 January 17, 2000 FreeBSD 5.2.1 [ Back ] |