Perspectives extension improves HTTPS security

4 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Display the .csv extension files based on .done extension fine

Hi All, I want to fetch the files based on .done file and display the .csv files and Wil take .csv files for processing. 1.I need to display the .done files from the directory. 2.next i need to search for the .Csv files based on .done file.then move .csv files for the one directory ...

2. Solaris

Need suggestion:- Failed HTTPS transfer to https://supportfiles.sun.com/curl

Hi Guys, I have recently started reciving below Error message Failed HTTPS transfer to https://supportfiles.sun.com/curl whenever I run /usr/local/bin/sudo /opt/SUNWexplo/bin/explorer -P -q -v from all Servers. Looks like the SSL certificate as Expired. Whenever I type...

3. Red Hat

SSL over https

Hi guys, I'm trying to generate a key using the genkey command in centos 6.4 and RHEL6.4, Every thing seems to go cool but I get this error message bad certificate request error -8016 and no key/cert is generated. I don't want use the many openssl(s) commands instead since genkey is a shourtcut...

4. Shell Programming and Scripting

http and https

Hi friends, I have a local host http://ss3/cgi-bin/page/page_list.cgi running on apache webserver perfectly well. But suddenly, it stopped working and gave an error "Internet explorer Explorer cannot display the webpage". But when i added https, as https://ss3/cgi-bin/page/page_list.cgi the...

LEARN ABOUT NETBSD

secmodel_extensions

SECMODEL_EXTENSIONS(9)					   BSD Kernel Developer's Manual				    SECMODEL_EXTENSIONS(9)

NAME

     secmodel_extensions -- Extensions security model

DESCRIPTION

     secmodel_extensions implements extensions to the traditional security model based on the original 4.4BSD.	They can be used to grant addi-
     tional privileges to ordinary users, or enable specific security measures like curtain mode.

     The extensions are described below.

Curtain mode
     When enabled, all returned objects will be filtered according to the user-id requesting information about them, preventing users from access-
     ing objects they do not own.

     It affects the output of many commands, including fstat(1), netstat(1), ps(1), sockstat(1), and w(1).

     This extension is enabled by setting security.models.extensions.curtain or security.curtain sysctl(7) to a non-zero value.

     It can be enabled at any time, but cannot be disabled anymore when the securelevel of the system is above 0.

Non-superuser mounts
     When enabled, it allows file-systems to be mounted by an ordinary user who owns the point node and has at least read access to the special
     device mount(8) arguments.  Note that the nosuid and nodev flags must be given for non-superuser mounts.

     This extension is enabled by setting security.models.extensions.usermount or vfs.generic.usermount sysctl(7) to a non-zero value.

     It can be disabled at any time, but cannot be enabled anymore when the securelevel of the system is above 0.

Non-superuser control of CPU sets
     When enabled, an ordinary user is allowed to control the CPU affinity(3) of the processes and threads he owns.

     This extension is enabled by setting security.models.extensions.user_set_cpu_affinity sysctl(7) to a non-zero value.

     It can be disabled at any time, but cannot be enabled anymore when the securelevel of the system is above 0.

SEE ALSO

     affinity(3), sched(3), sysctl(7), kauth(9), secmodel(9), secmodel_bsd44(9), secmodel_securelevel(9), secmodel_suser(9)

AUTHORS

     Elad Efrat <elad@NetBSD.org>

BSD
								 December 3, 2011							       BSD

UNIX and Linux RSS News