libugidfw -- library interface to the file system firewall MAC policy
File System Firewall Interface Library (libugidfw, -lugidfw)
#include <ugidfw.h>
The libugidfw library routines provide an interface to the
mac_bsdextended(4) file system firewall MAC policy.
The libugidfw library defines the following functions:
bsde_rule_to_string() Converts the internal representation of a rule
(struct mac_bsdextended_rule) into its text
representation; see bsde_rule_to_string(3).
bsde_parse_identity() Parses the identity of a subject or object; see
bsde_parse_identity(3).
bsde_parse_mode() Parses the access mode for a ugidfw rule; see
bsde_parse_mode(3).
bsde_parse_rule() Parses an entire rule (in argument array form);
see bsde_parse_rule(3).
bsde_parse_rule_string() Parses an entire rule string; see
bsde_parse_rule_string(3).
bsde_get_rule_count() Returns the total number of ugidfw rules being
enforced in the system; see
bsde_get_rule_count(3).
bsde_get_rule_slots() Returns the total number of used rule slots;
see bsde_get_rule_slots(3).
bsde_get_rule() Returns a rule by its rule number; see
bsde_get_rule(3).
bsde_delete_rule() Deletes a rule by its rule number; see
bsde_delete_rule(3).
bsde_set_rule() Uploads the rule to the mac_bsdextended(4) module
and applies it; see bsde_set_rule(3).
bsde_delete_rule(3), bsde_get_rule(3), bsde_get_rule_count(3),
bsde_get_rule_slots(3), bsde_parse_identity(3), bsde_parse_mode(3),
bsde_parse_rule(3), bsde_parse_rule_string(3), bsde_rule_to_string(3),
bsde_set_rule(3)
This software was contributed to the FreeBSD Project by Network Associates
Labs, the Security Research Division of Network Associates Inc.
under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the
DARPA CHATS research program.
FreeBSD 5.2.1 January 5, 2003 FreeBSD 5.2.1 [ Back ] | 