Add missing items to the securelevel implications list.
Now it is complete.
This commit is contained in:
elad
parent
539403d985
commit
2664dc174c
|
|
@ -1,4 +1,4 @@
|
|||
.\" $NetBSD: secmodel_bsd44.9,v 1.7 2006/09/19 19:22:05 elad Exp $
|
||||
.\" $NetBSD: secmodel_bsd44.9,v 1.8 2006/11/22 21:00:30 elad Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
|
||||
.\" All rights reserved.
|
||||
|
|
@ -28,7 +28,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd September 19, 2006
|
||||
.Dd November 22, 2006
|
||||
.Dt SECMODEL_BSD44 9
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
|
@ -90,6 +90,8 @@ or procfs.
|
|||
Immutable and append-only file flags may be changed
|
||||
.It
|
||||
All devices may be read or written subject to their permissions
|
||||
.It
|
||||
Access to unmanaged memory on x86 and alpha is denied
|
||||
.El
|
||||
.It \ 1 Em Secure mode
|
||||
.Bl -hyphen -compact
|
||||
|
|
@ -119,6 +121,20 @@ nodes is denied
|
|||
The RTC offset may not be changed
|
||||
.It
|
||||
Set-id coredump settings may not be altered
|
||||
.It
|
||||
Attaching the IP-based kernel debugger,
|
||||
.Xr ipkdb 4 ,
|
||||
is not allowed
|
||||
.It
|
||||
Device
|
||||
.Dq pass-thru
|
||||
requests that may be used to perform raw disk and/or memory access are denied
|
||||
.It
|
||||
x86
|
||||
.Em iopl
|
||||
and
|
||||
.Em ioperm
|
||||
calls are denied
|
||||
.El
|
||||
.It \ 2 Em Highly secure mode
|
||||
.Bl -hyphen -compact
|
||||
|
|
|
|||
Loading…
Reference in New Issue