Re: svn commit: r336289 - head/sys/security/mac_veriexec

Hey Stephen, On Sat, Jul 14, 2018 at 05:21:17PM +, Stephen J. Kiernan wrote: > Author: stevek > Date: Sat Jul 14 17:21:16 2018 > New Revision: 336289 > URL: https://svnweb.freebsd.org/changeset/base/336289 > > Log: > Add mpo_vnode_check_setmode MAC method to MAC/veriexec. > In the

svn commit: r336289 - head/sys/security/mac_veriexec

Author: stevek Date: Sat Jul 14 17:21:16 2018 New Revision: 336289 URL: https://svnweb.freebsd.org/changeset/base/336289 Log: Add mpo_vnode_check_setmode MAC method to MAC/veriexec. In the method, disallow changing SUID/SGID on verified files. Obtained from:Juniper Networks, Inc.