A
A
amberav2015-11-01 16:27:32
FreeBSD
amberav, 2015-11-01 16:27:32

How to set up a rule for mac_bsdextended?

Understanding the capabilities of the Mandatory Access Control system in FreeBSD.
I can't figure out how to set a rule for the bsd_extended module.
I'm trying to deny access to a specific folder/file
Various sites give the following examples for this:
ugidfw add subject uid "uid" object filesys /home/Vasya type rd mode n (denies any access to this folder and files)
I'm trying to create my own rule. After entering it, the system shows which rule was added:
I always have the string "filesys /dir/dir/file" converted to "filesys /" as a result of which the rule is applied to the entire tree, and not to a specific folder.
Tried on 10.1 and 10.2.
On the other side,, then I have a feeling that this parameter determines access specifically to the file system and it cannot be applied to a specific folder.

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question