NAME
posix1e — introduction to the POSIX.1e security API
LIBRARY
Standard C Library (libc, −lc)
SYNOPSIS
#include <sys/types.h>
#include <sys/acl.h>
#include <sys/capability.h>
#include <sys/mac.h>
DESCRIPTION
The IEEE POSIX.1e specification never left draft form, but the interfaces it describes are now widely used despite inherent limitations. Currently, only a few of the interfaces and features are implemented in FreeBSD, although efforts are underway to complete the integration at this time.
POSIX.1e describes five security extensions to the base POSIX.1 API: Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access Control, and Information Flow Labels. FreeBSD supports POSIX.1e ACL interfaces, as well as POSIX.1e-like MAC interfaces. The TrustedBSD Project has produced but not integrated an implementation of POSIX.1e Capabilities.
POSIX.1e defines both syntax and semantics for these features, but fairly substantial changes are required to implement these features in the operating system.
As shipped, FreeBSD 4.0 provides API and VFS support for ACLs, but not an implementation on any native file system. FreeBSD 5.0 includes support for ACLs as part of UFS1 and UFS2, as well as necessary VFS support for additional file systems to export ACLs as appropriate. Available API calls relating to ACLs are described in detail in acl(3).
As shipped, FreeBSD 5.0 includes support for Mandatory Access Control as well as POSIX.1e-like APIs for label management. More information on API calls relating to MAC is available in mac(3).
Additional patches supporting POSIX.1e features are provided by the TrustedBSD project:
IMPLEMENTATION NOTES
FreeBSD’s support for POSIX.1e interfaces and features is still under development at this time, and many of these features are considered new or experimental.
ENVIRONMENT
POSIX.1e assigns security labels to all objects, extending the security functionality described in POSIX.1. These additional labels provide fine-grained discretionary access control, fine-grained capabilities, and labels necessary for mandatory access control. POSIX.2c describes a set of userland utilities for manipulating these labels.
Many of these services are supported by extended attributes, documented in extattr(2) and extattr(9). While these APIs are not documented in POSIX.1e, they are similar in structure.
SEE ALSO
extattr(2), acl(3), mac(3), acl(9), extattr(9), mac(9)
STANDARDS
POSIX.1e is described in IEEE POSIX.1e draft 17. Discussion of the draft continues on the cross-platform POSIX.1e implementation mailing list. To join this list, see the FreeBSD POSIX.1e implementation page for more information.
HISTORY
POSIX.1e support was introduced in FreeBSD 4.0; most of the features are available as of FreeBSD 5.0. Development continues.
AUTHORS
Robert N M Watson
Chris D. Faulhaber
Thomas Moestl
Ilmar S Habibulin
BUGS
Many of these features are considered new or experimental in FreeBSD 5.0 and should be deployed with appropriate caution.
BSD January 17, 2000 BSD