User Tools
модули_mac
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
модули_mac [2018/02/06 09:01] val [Модули MAC] |
модули_mac [2018/02/08 14:44] (current) val [Вариант использования пользователями] |
||
|---|---|---|---|
| Line 6: | Line 6: | ||
| * [[https://en.wikipedia.org/wiki/Biba_Model|Biba Model]] | * [[https://en.wikipedia.org/wiki/Biba_Model|Biba Model]] | ||
| * [[https://en.wikipedia.org/wiki/Multilevel_security|Multilevel security]] | * [[https://en.wikipedia.org/wiki/Multilevel_security|Multilevel security]] | ||
| + | |||
| + | ===== Вариант использования пользователями ===== | ||
| + | |||
| + | * Попробовать добавить [[https://www.freebsd.org/doc/ru_RU.KOI8-R/books/faq/security.html#idp71191528|уровень защиты (securelevel)]] для запрета изменения меток пользователям root | ||
| + | |||
| + | <code> | ||
| + | # cat /etc/login.conf | ||
| + | ... | ||
| + | russian|Russian Users Accounts:\ | ||
| + | :charset=UTF-8:\ | ||
| + | :lang=ru_RU.UTF-8:\ | ||
| + | :tc=default:\ | ||
| + | :label=mls/5,biba/5: | ||
| + | ... | ||
| + | |||
| + | # cap_mkdb /etc/login.conf | ||
| + | |||
| + | # pw usermod user1 -L russian | ||
| + | |||
| + | # mkdir ~user1/doc | ||
| + | |||
| + | # chown user1:user1 ~user1/doc | ||
| + | |||
| + | # setfmac 'biba/5,mls/5' ~user1/doc | ||
| + | |||
| + | # ls ~user1/doc | ||
| + | |||
| + | # setfmac 'biba/high,mls/low' ~user1/doc | ||
| + | |||
| + | # setpmac 'biba/5,mls/5' setfmac 'biba/high,mls/low' ~user1/doc | ||
| + | </code> | ||
| ===== Вариант использования как AppArmor ===== | ===== Вариант использования как AppArmor ===== | ||
модули_mac.1517896878.txt.gz · Last modified: 2018/02/06 09:01 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
