Unverified Commit 7be20c02 authored by Shawn Webb

Document "ALL THE TPE THINGS!"
Update the manpages for Trusted Path Execution (TPE).
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
parent c7ca3e2a
......@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd March 05, 2016
.Dd September 21, 2016
.Dt SECADM 8
.Os
.Sh NAME
......@@ -53,6 +53,9 @@
.Nm
.Cm get
.Nm
.Cm tpe
.Op Cm -AITaitg
.Nm
.Cm version
.Sh DESCRIPTION
The
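Review bot: the new SYNOPSIS line `.Op Cm -AITaitg` presents `-g` as a bare switch, but the DESCRIPTION in this same commit says `-g` takes a numeric GID; the synopsis should show the argument, and mdoc marks flags with `Fl` rather than `Cm`, e.g. `.Op Fl AITait` followed by `.Op Fl g Ar gid`. Splitting the mutually exclusive pairs (`-T`/`-t`, `-A`/`-a`, `-I`/`-i`) out of one letter group would also make it clearer that they cannot be combined.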
......@@ -225,7 +228,29 @@ is loaded.
.It Xo
.Cm get
.Xc
Get the status of Integriforce whitelist mode.
Get the status of Integriforce whitelist mode and TPE configuration.
.It Xo
.Cm tpe Op -AITaitg
.Xc
Configure Trusted Path Excution (TPE).
Enable TPE with
.Op -T
and disable TPE with
.Op -t .
Enable TPE for all users with
.Op -A
and disable TPE for all users with
.Op -a .
By default, TPE is only enabled for the wheel group.
Set the numeric Group ID (GID) with the
.Op -g
option.
Invert GID logic with the
.Op -I
option and apply normal logic with the
.Op -i
option.
Non-inverted (normal) logic is the default.
.It Xo
.Cm version
.Xc
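Review bot: "Configure Trusted Path Excution (TPE)." has a typo, "Excution" should be "Execution". In the same block, the `-g` sentence never names the argument the option takes ("Set the numeric Group ID (GID) with the `.Op -g` option" should read `.Fl g Ar gid`), and the `-I` / `-i` sentences say only "invert GID logic" without stating what inverted logic does to the users matched by `-g`. Minor: the flag references in running text use `.Op -T`, `.Op -t .` and so on, whereas mdoc convention is `.Fl T`, `.Fl t .`; `.Op` is meant for optional-argument brackets in the SYNOPSIS.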
......
......@@ -23,7 +23,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd March 06, 2016
.Dd September 21, 2016
.Dt SECADM.RULES 5
.Os
.Sh NAME
......@@ -41,12 +41,16 @@ and therefore uses its syntax.
should be deployed to
.Dq /usr/local/etc .
.Pp
Two types of rules exist in
Three types of rules exist in
.Nm :
pax rules and integriforce rules.
pax rules, integriforce rules, and Trusted Path Execution (TPE).
Pax rules toggle exploit mitigation features on a per-executable basis
while integriforce rules enforce the integrity of executables along
with the shared objects they depend on.
Trusted Path Execution (TPE) prevents users from executing binaries in
untrusted directories.
A trusted directory is defined as a directory that is writable only by
root and owned by root.
.Pp
If integriforce is set in whitelisting mode, integriforce acts as an
application whitelisting utility.
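Review bot: the new enumeration names the third rule type "Trusted Path Execution (TPE)" while the other two are "pax rules" and "integriforce rules"; for consistency with the `tpe` object documented later in this file, "tpe rules" (or "Trusted Path Execution (TPE) rules") would read better. The TPE paragraph also says it "prevents users from executing binaries" without saying which users; a short pointer to the `all`, `gid` and `invert` options below would tie the definition to the scoping rules.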
......@@ -210,6 +214,60 @@ and execution is denied.
.El
.El
.Pp
Trusted Path Execution (TPE) options are contained within a single tpe
object.
Multiple tpe objects are not allowed.
.Pp
TPE options that can be set:
.Bl -bullet
.It
Option: enable
.Bl -dash -compact
.It
Type: Boolean
.It
Requirement: Required
.It
Description: Enable TPE protections.
.El
.It
Option: all
.Bl -dash -compact
.It
Type: Boolean
.It
Requirement: Optional
.It
Description: Enable TPE for all users.
.It
Default: false
.El
.It
Option: invert
.Bl -dash -compact
.It
Type: Boolean
.It
Requirement: Optional
.It
Description: Invert the Group ID (GID) logic.
.It
Default: false
.El
.It
Option: gid
.Bl -dash -compact
.It
Type: Integer
.It
Requirement: Optional
.It
Description: Group ID for which TPE is applied.
.It
Default: 0
.El
.El
.Pp
.Sh EXAMPLES
Disable pageexec and mprotect for
.Dq /usr/local/share/chromium/chrome :
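Review bot: the `invert` option's description, "Invert the Group ID (GID) logic.", does not say what the inverted behaviour is (whether TPE then applies to every group except `gid`), so a reader cannot tell from this file which users end up restricted; please spell it out as the `-I` flag text in secadm(8) should as well. The `gid` default of 0 matches the "only enabled for the wheel group" statement in secadm(8), which is good. Small cleanup: the `.Pp` added immediately before `.Sh EXAMPLES` is redundant, since mandoc drops (and warns about) a paragraph macro directly preceding a section header.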
......@@ -259,6 +317,17 @@ secadm {
whitelist_mode: true
}
.Ed
.Pp
Enable TPE for users with primary Group ID 10:
.Bd -literal -offset indent
secadm {
tpe {
enable: true,
gid: 10
}
}
.Ed
.Pp
.Sh SEE ALSO
.Xr sha1 1,
.Xr sha256 1 ,
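Review bot: the example caption "Enable TPE for users with primary Group ID 10" narrows the scope to the primary group, but the `gid` option above is described only as "Group ID for which TPE is applied"; the two should agree on whether supplementary group membership counts, otherwise administrators will not know whether users with GID 10 as a secondary group are covered. The trailing `.Pp` inserted right before `.Sh SEE ALSO` is a no-op that mandoc lint flags and can be dropped. Drive-by on the unchanged context: `.Xr sha1 1,` is missing the space before the comma that `.Xr sha256 1 ,` has, so the comma is treated as part of the section argument.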
......