Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/share/man/man9 Describe the hardlink restrictions.
details: https://anonhg.NetBSD.org/src/rev/c6490d9d5729
branches: trunk
changeset: 364481:c6490d9d5729
user: christos <christos%NetBSD.org@localhost>
date: Sun Mar 27 16:36:11 2022 +0000
description:
Describe the hardlink restrictions.
diffstat:
share/man/man9/secmodel_extensions.9 | 24 ++++++++++++++++++++++--
1 files changed, 22 insertions(+), 2 deletions(-)
diffs (45 lines):
diff -r 30a31fec7425 -r c6490d9d5729 share/man/man9/secmodel_extensions.9
--- a/share/man/man9/secmodel_extensions.9 Sun Mar 27 16:28:35 2022 +0000
+++ b/share/man/man9/secmodel_extensions.9 Sun Mar 27 16:36:11 2022 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: secmodel_extensions.9,v 1.6 2020/01/20 13:08:40 nia Exp $
+.\" $NetBSD: secmodel_extensions.9,v 1.7 2022/03/27 16:36:11 christos Exp $
.\"
.\" Copyright (c) 2011 The NetBSD Foundation, Inc.
.\" All rights reserved.
@@ -27,7 +27,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 22, 2012
+.Dd March 27, 2022
.Dt SECMODEL_EXTENSIONS 9
.Os
.Sh NAME
@@ -106,6 +106,26 @@
anymore when the
.Em securelevel
of the system is above 0.
+.Sh Hardlink restrictions
+Prevent hardlinks to files that the user does not own or has group access
+to.
+.Pp
+To enable user ownership checks, set the
+.Xr sysctl 7
+variable
+.Pa security.models.extensions.hardlink_check_uid
+to a non-zero value.
+.Pp
+To enable group membership checks, set the
+.Xr sysctl 7
+variable
+.Pa security.models.extensions.hardlink_check_gid
+to a non-zero value.
+.Pp
+These variables can be enabled anytime, but cannot be disabled
+anymore when the
+.Em securelevel
+of the system is above 0.
.Sh SEE ALSO
.Xr affinity 3 ,
.Xr sched 3 ,
Home |
Main Index |
Thread Index |
Old Index