POSIX1E(3) NetBSD Library Functions Manual POSIX1E(3)
NAME
posix1e -- introduction to the POSIX.1e security API
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <sys/types.h> #include <sys/acl.h>
DESCRIPTION
POSIX.1e describes five security extensions to the POSIX.1 API: Access Control Lists (ACLs), Auditing, Capabilities, Mandatory Access Control, and Information Flow Labels. While IEEE POSIX.1e D17 specification has not been standardized, several of its interfaces are widely used. NetBSD implements POSIX.1e interface for access control lists, described in acl(3), and supports ACLs on the ffs(7) file system; ACLs must be administratively enabled using tunefs(8) or via mount(8) options. NetBSD does not implement the POSIX.1e mac, audit, privilege (capabil- ity), or information flow label APIs.
ENVIRONMENT
POSIX.1e assigns security attributes to all objects, extending the secu- rity functionality described in POSIX.1. These additional attributes store fine-grained discretionary access control information; for files, they are stored in extended attributes, described in extattr(3). POSIX.2c describes a set of userland utilities for manipulating these attributes, including getfacl(1) and setfacl(1).
SEE ALSO
getfacl(1), setfacl(1), acl(3), extattr(3), ffs(7), tunefs(8), acl(9), extattr(9)
STANDARDS
POSIX.1e is described in IEEE POSIX.1e draft 17.
HISTORY
POSIX.1e support was introduced in NetBSD 10.0.
AUTHORS
Robert N M Watson Chris D. Faulhaber Thomas Moestl Ilmar S Habibulin NetBSD 10.1 February 25, 2016 NetBSD 10.1
Powered by man-cgi (2024-08-26). Maintained for NetBSD by Kimmo Suominen. Based on man-cgi by Panagiotis Christias.