FreeBSD Manual Pages

LOMAC(4)		 BSD Kernel Interfaces Manual		      LOMAC(4)

NAME
     LOMAC -- Low-Watermark Mandatory Access Control security facility

SYNOPSIS
     kldload lomac

DESCRIPTION
     The LOMAC module provides a drop-in security mechanism in addition to the
     traditional POSIX UID-based security facilities, and requires no
     additional configuration from the administrator.  LOMAC aims to be two
     things: non-intrusive, so that a system running LOMAC does not feel much
     different from one without it and needs little modification to
     initialize; and comprehensive enough that the majority of attacks that
     would compromise a system should fail.

     To this end, each process on the system carries a label of several
     attributes, including a "high" or "low" integrity level, and these
     integrity labels are managed by a system cognizant of IPC (signals,
     debugging, sockets, pipes), path-based file system labels, virtual
     memory objects, and privileged system calls.  A process (or set of
     vmspace-sharing processes) initially inherits the integrity level of its
     parent, which, at the point LOMAC is started with kldload(8), is high.
     If it reads lower-integrity data through one of the controlled
     mechanisms, its integrity level drops to match, and its access to modify
     higher-integrity data is revoked.
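
     The following is an added example, not code from the LOMAC sources: a
     small user-space model in C of the low-watermark rule described above.
     Every subject starts high, reading lower-integrity data lowers the
     subject's level, and a write to a higher-integrity object is then
     denied.  The lomac_* function names, the sample objects
     (/etc/master.passwd as a high file, /var/mail/user as a low one), the
     grouping of vmspace-sharing processes under one label, and the treatment
     of a signal as a write to the target process are assumptions of this
     illustration, not statements about what policy_plm.h actually encodes.

```c
/* Added example, not LOMAC's own code: a user-space model of the
 * low-watermark rule.  Subjects start HIGH, reading LOW data lowers a
 * subject's watermark, and writes above the watermark are denied.  The
 * lomac_* names, the vmspace grouping and treating a signal as a write
 * to its target are assumptions of this model. */
#include <stdbool.h>
#include <stdio.h>

enum level { LOW = 0, HIGH = 1 };
#define MAX_PROCS 16

/* The label lives on the vmspace: processes sharing an address space
 * share one watermark, so demoting one of them demotes all of them. */
struct vmspace { enum level level; };
struct proc { struct vmspace *vm; };
struct object { const char *name; enum level level; };  /* file, pipe, socket */

static struct vmspace vmspaces[MAX_PROCS];
static struct proc procs[MAX_PROCS];
static int nprocs, nvms;

/* Reset the model and create the first subject at HIGH, the level every
 * process has at the moment LOMAC is loaded with kldload(8). */
static struct proc *lomac_reset(void)
{
    nprocs = nvms = 0;
    vmspaces[nvms].level = HIGH;
    procs[nprocs].vm = &vmspaces[nvms++];
    return &procs[nprocs++];
}

/* A child inherits its parent's level.  With share_vm it shares the
 * parent's watermark (rfork(2) with RFMEM); otherwise it gets a copy. */
static struct proc *lomac_fork(struct proc *parent, bool share_vm)
{
    struct proc *child = &procs[nprocs++];
    if (share_vm) {
        child->vm = parent->vm;
    } else {
        vmspaces[nvms].level = parent->vm->level;
        child->vm = &vmspaces[nvms++];
    }
    return child;
}

/* Reads always succeed, but reading lower-integrity data drags the
 * subject's watermark down.  Returns the subject's level afterwards. */
static enum level lomac_read(struct proc *p, const struct object *o)
{
    if (o->level < p->vm->level)
        p->vm->level = o->level;
    return p->vm->level;
}

/* Writes are allowed only to objects at or below the subject's level. */
static bool lomac_write(const struct proc *p, const struct object *o)
{
    return p->vm->level >= o->level;
}

/* Signal delivery is modelled as a write to the target process. */
static bool lomac_signal(const struct proc *from, const struct proc *to)
{
    return from->vm->level >= to->vm->level;
}

/* A HIGH daemon reads untrusted (LOW) input and then tries to rewrite a
 * HIGH system file: true if the write was allowed before, denied after. */
static bool scenario_write_revoked(void)
{
    const struct object passwd = { "/etc/master.passwd", HIGH };
    const struct object inbox = { "/var/mail/user", LOW };  /* constructed */
    struct proc *d = lomac_reset();
    bool before = lomac_write(d, &passwd);
    lomac_read(d, &inbox);                 /* demotes d to LOW */
    bool after = lomac_write(d, &passwd);
    return before && !after;
}

/* Two processes sharing one address space: when one reads LOW data both
 * are demoted, and neither may signal a HIGH process afterwards. */
static bool scenario_shared_vmspace(void)
{
    const struct object inbox = { "/var/mail/user", LOW };  /* constructed */
    struct proc *init = lomac_reset();
    struct proc *a = lomac_fork(init, false);   /* own vmspace, still HIGH */
    struct proc *b = lomac_fork(a, true);       /* shares a's vmspace */
    lomac_read(b, &inbox);
    return a->vm->level == LOW && init->vm->level == HIGH &&
           !lomac_signal(a, init) && lomac_signal(init, a);
}

int main(void)
{
    printf("write revoked after read-down: %s\n",
           scenario_write_revoked() ? "yes" : "no");
    printf("shared vmspace demoted together: %s\n",
           scenario_shared_vmspace() ? "yes" : "no");
    return 0;
}
```

     The point of the second scenario is the "set of vmspace-sharing
     processes" wording above: the watermark is attached to the shared
     address space, so one thread reading low-integrity data demotes every
     thread that shares memory with it, while the parent that forked with a
     separate address space keeps its own level.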

IMPLEMENTATION NOTES
     LOMAC on FreeBSD, as currently implemented, should properly respect all
     aspects of any chroot(8) or jail(8) operation performed after it has
     been initialized; jail or chroot environments that already existed
     before LOMAC was loaded may not work completely.  LOMAC's file system
     layer should correctly respect the caching behavior of any of the
     system's file systems, and so work for any "normal" or "synthetic" file
     system.  Once LOMAC is loaded, an additional mount on the root will
     exist on the system and appear in mount(8) output as type "lomacfs".

FILES
     See /sys/security/lomac/policy_plm.h for specific information on exactly
     how LOMAC has been compiled to control access to the file system.

COMPATIBILITY
     Some programs, for example syslogd(8), may need to be restarted after
     LOMAC is initialized for them to continue proper operation.  This version
     of LOMAC has not had widespread testing, so some common programs have
     probably not been tested and could have issues that need to be worked
     around or fixed.

SEE ALSO
     kldload(8)

HISTORY
     LOMAC was initially implemented for Linux systems over the past several
     years.  This FreeBSD implementation was subsequently created with funding
     from the United States DARPA.  See the copyright for details.

AUTHORS
     Brian Fundakowski Feldman <bfeldman@tislabs.com>
     Timothy Fraser <tfraser@tislabs.com>

BUGS
     LOMAC has not gone through widespread testing yet, so many problems may
     still exist.  There is still one unfixed panic which is reproducible
     under load (vrele(9) being called too many times).  The operation of
     mount(2) and unmount(2) may not work properly or at all once LOMAC has
     been loaded.  After LOMAC has been loaded, the system must be restarted
     to revert to a state without it.

BSD			       November	20, 2001			   BSD

<https://www.freebsd.org/cgi/man.cgi?query=lomac&sektion=4&manpath=FreeBSD+5.2-RELEASE+and+Ports>