*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->FreeBSD man pages -> maclabel (7)              



NAME    [Toc]    [Back]

     maclabel -- Mandatory Access Control label format

DESCRIPTION    [Toc]    [Back]

     If Mandatory Access Control, or MAC, is enabled in the kernel, then in
     addition to the traditional credentials, each subject (typically a user
     or a socket) and object (file system object, socket, etc.) is given a MAC
     label.  The MAC label specifies the necessary subject-specific or objectspecific
 information necessary for a MAC security policy to enforce
     access control on the subject/object.

     The format for a MAC label is defined as follows:


     A MAC label consists of a policy name, followed by a forward slash, followed
 by the subject or object's qualifier, optionally followed by a
     comma and one or more additional policy labels.  For example:


SEE ALSO    [Toc]    [Back]

     mac(3), posix1e(3), mac_biba(4), mac_bsdextended(4), mac_ifoff(4),
     mac_mls(4), mac_none(4), mac_partition(4), mac_seeotheruids(4),
     mac_test(4), login.conf(5), getfmac(8), getpmac(8), ifconfig(8),
     setfmac(8), setpmac(8), mac(9)

HISTORY    [Toc]    [Back]

     MAC first appeared in FreeBSD 5.0.

AUTHORS    [Toc]    [Back]

     This software was contributed to the FreeBSD Project by NAI Labs, the
     Security Research Division of Network Associates Inc. under DARPA/SPAWAR
     contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS
     research program.

FreeBSD 5.2.1		       October 25, 2002 		 FreeBSD 5.2.1
[ Back ]
 Similar pages
Name OS Title
mac FreeBSD Mandatory Access Control
mac FreeBSD TrustedBSD Mandatory Access Control framework
lomac FreeBSD Low-Watermark Mandatory Access Control security facility
mac_lomac FreeBSD Low-watermark Mandatory Access Control data integrity policy
hosts_access FreeBSD format of host access control files
hosts_access Linux format of host access control files
hosts_access HP-UX format of host access control files
hosts.allow OpenBSD tcp wrapper format of host access control files
hosts_access OpenBSD tcp wrapper format of host access control files
hosts.deny OpenBSD tcp wrapper format of host access control files
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service