MAC_SEEOTHERUIDS (4) | Special files and drivers | Unix Manual Pages



MAC_SEEOTHERUIDS (4) \| Special files and drivers \| Unix Manual Pages \| :man▋ NAME mac_seeotheruids - "simple policy controlling whether users see other users" CONTENTS Synopsis Description Label Format See Also History Authors Bugs SYNOPSIS To compile the policy into your kernel, place the following lines in your kernel configuration file: .Cd "options MAC" .Cd "options MAC_SEEOTHERUIDS" Alternately, to load the module at boot time, place the following line in your kernel configuration file: .Cd "options MAC" and in loader.conf(5): mac_seeotheruids_load="YES" DESCRIPTION The mac_seeotheruids policy module, when enabled, denies users to see processes or sockets owned by other users. To enable mac_seeotheruids, set the sysctl OID security.mac.seeotheruids.enabled to 1. To allow users to see processes and sockets owned by the same primary group, set the sysctl OID security.mac.seeotheruids.primarygroup_enabled to 1. To allow processes with a specific group ID to be exempt from the policy, set the sysctl OID security.mac.seeotheruids.specificgid_enabled to 1, and security.mac.seeotheruids.specificgid to the group ID to be exempted. Label Format No labels are defined for mac_seeotheruids. SEE ALSO mac(4), mac_biba(4), mac_bsdextended(4), mac_ifoff(4), mac_lomac(4), mac_mls(4), mac_none(4), mac_partition(4), mac_portacl(4), mac_test(4), mac(9) HISTORY AUTHORS BUGS mac(9)

Created by Blin Media, 2008-2013