FreeBSD.software
Home/sysutils/mac_nonet-kmod

mac_nonet-kmod

g20150821.1403000

MAC policy to disable access to networking for certain group

Simple MAC framework policy to disable access to networking for certain group. Running kldload mac_nonet.ko to load the kernel module. The load action require root permissions. Set gid that shouldn't access the network: sysctl security.mac.nonet.gid=31337 and enable enforcing: sysctl security.mac.nonet.enabled=1 Any call to socket(2) from user in this group will end with EPERM. You can also select group that can access only AF_UNIX sockets with security.mac.nonet.local_gid.

Origin: sysutils/mac_nonet
Category: sysutils
Size: 17.5KiB
License: BSD2CLAUSE
Maintainer: ports@FreeBSD.org
Dependencies: 0 packages
Required by: 0 packages
Website: github.com/pbiernacki/mac_nonet
$pkg install mac_nonet-kmod

More in sysutils

py311-azure-cli-base1.0.0
Shared namespace for py-azure-* ports
py311-psutil7.1.3
Process utilities module for Python
polkit127
Framework for controlling access to system-wide components
p5-File-Which1.27
Portable implementation of which(1) in Perl
kf6-kwallet6.22.0
Safe desktop-wide storage for passwords
php84-fileinfo8.4.16
The fileinfo shared extension for php
rubygem-bundler2.7.2,1
Tool that manages gem dependencies for Ruby applications
php84-posix8.4.16
The posix shared extension for php
py311-filelock3.20.1
Platform independent file lock
py311-distro1.9.0
OS platform information API