Training courses

Kernel and Embedded Linux

Bootlin training courses

Embedded Linux, kernel,
Yocto Project, Buildroot, real-time,
graphics, boot time, debugging...

Bootlin logo

Elixir Cross Referencer

.\" $NetBSD: secmodel_extensions.9,v 1.5 2014/03/18 18:20:40 riastradh Exp $
.\"
.\" Copyright (c) 2011 The NetBSD Foundation, Inc.
.\" All rights reserved.
.\"
.\" This code is derived from software contributed to The NetBSD Foundation
.\" by Jean-Yves Migeon <jym@NetBSD.org>
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd November 22, 2012
.Dt SECMODEL_EXTENSIONS 9
.Os
.Sh NAME
.Nm secmodel_extensions
.Nd extensions security model
.Sh DESCRIPTION
.Nm
implements extensions to the traditional security model based on
the original
.Bx 4.4 .
They can be used to grant additional privileges to ordinary users, or
enable specific security measures like curtain mode.
.Pp
The extensions are described below.
.Sh Curtain mode
When enabled, all returned objects will be filtered according to
the user-id requesting information about them, preventing users from
accessing objects they do not own.
.Pp
It affects the output of many commands, including
.Xr fstat 1 ,
.Xr netstat 1 ,
.Xr ps 1 ,
.Xr sockstat 1 ,
and
.Xr w 1 .
.Pp
This extension is enabled by setting
.Pa security.models.extensions.curtain
or
.Pa security.curtain
.Xr sysctl 7
to a non-zero value.
.Pp
It can be enabled at any time, but cannot be disabled
anymore when the
.Em securelevel
of the system is above 0.
.Sh Non-superuser mounts
When enabled, it allows file-systems to be mounted by an ordinary user
who owns the point
.Ar node
and has at least read access to the
.Ar special
device
.Xr mount 8
arguments.
Note that the
.Cm nosuid
and
.Cm nodev
flags must be given for non-superuser mounts.
.Pp
This extension is enabled by setting
.Pa security.models.extensions.usermount
or
.Pa vfs.generic.usermount
.Xr sysctl 7
to a non-zero value.
.Pp
It can be disabled at any time, but cannot be enabled
anymore when the
.Em securelevel
of the system is above 0.
.Sh Non-superuser control of CPU sets
When enabled, an ordinary user is allowed to control the CPU
.Xr affinity 3
of the processes and threads he owns.
.Pp
This extension is enabled by setting
.Pa security.models.extensions.user_set_cpu_affinity
.Xr sysctl 7
to a non-zero value.
.Pp
It can be disabled at any time, but cannot be enabled
anymore when the
.Em securelevel
of the system is above 0.
.Sh SEE ALSO
.Xr affinity 3 ,
.Xr sched 3 ,
.Xr sysctl 7 ,
.Xr kauth 9 ,
.Xr secmodel 9 ,
.Xr secmodel_bsd44 9 ,
.Xr secmodel_securelevel 9 ,
.Xr secmodel_suser 9
.Sh AUTHORS
.An Elad Efrat Aq Mt elad@NetBSD.org