| /freebsd-src/crypto/openssl/doc/man3/ | 
| H A D | SSL_CTX_set_security_level.pod | 5 …rity_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data - SSL/TLS security framework42 the security level to B<level>. If not set the library default security level
 46 retrieve the current security level.
 50 the security callback associated with B<ctx> or B<s>. If not set a default
 51 security callback is used. The meaning of the parameters and the behaviour
 62 If an application doesn't set its own security callback the default
 75 The security level corresponds to a minimum of 80 bits of security. Any
 76 parameters offering below 80 bits of security are excluded. As a result RSA,
 79 less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite
 81 and MD5 are also forbidden at this level as they have less than 80 security
 [all …]
 
 | 
| /freebsd-src/secure/lib/libcrypto/man/man3/ | 
| H A D | SSL_CTX_set_security_level.3 | 140 …ity_ex_data, SSL_CTX_get0_security_ex_data, SSL_get0_security_ex_data \- SSL/TLS security framework177 the security level to \fBlevel\fR. If not set the library default security level
 181 retrieve the current security level.
 185 the security callback associated with \fBctx\fR or \fBs\fR. If not set a default
 186 security callback is used. The meaning of the parameters and the behaviour
 196 If an application doesn't set its own security callback the default
 205 The security level corresponds to a minimum of 80 bits of security. Any
 206 parameters offering below 80 bits of security are excluded. As a result \s-1RSA,
 209 less than 80 bits of security. \s-1SSL\s0 version 2 is prohibited. Any cipher suite
 211 and \s-1MD5\s0 are also forbidden at this level as they have less than 80 security
 [all …]
 
 | 
| /freebsd-src/share/man/man7/ | 
| H A D | sdoc.7 | 35 .Nd guide to adding security considerations sections to manual pages38 adding security considerations sections to manual pages.
 47 system should contain a security considerations section
 48 describing what security requirements can be broken
 53 On one hand, security consideration sections must not be too verbose,
 55 On the other hand, security consideration sections must not be incomplete,
 59 in the security consideration section for a given feature of the
 64 those general security requirements that can be violated
 66 There are four classes of security requirements:
 81 A good security considerations section
 [all …]
 
 | 
| H A D | security.7 | 30 .Dt SECURITY 733 .Nm security
 34 .Nd introduction to security under FreeBSD
 42 security related topics.
 44 Security is a function that begins and ends with the system administrator.
 47 multi-user systems have some inherent security, the job of building and
 48 maintaining additional security mechanisms to keep users
 53 only as secure as you make them, and security concerns are ever competing
 62 security becomes an ever bigger issue.
 64 Security i
 [all...]
 | 
| /freebsd-src/lib/libgssapi/ | 
| H A D | gssapi.3 | 32 .Nd "Generic Security Services API"38 The Generic Security Service Application Programming Interface
 39 provides security services to its callers,
 43 security enhancements are integrated through invocation of services
 48 and to apply security services such as confidentiality and integrity
 60 A pair of communicating applications establish a joint security
 62 The security context is a pair of GSS-API data structures that contain
 64 security services may be provided.
 66 a security context are cryptographic keys,
 68 As part of the establishment of a security context,
 [all …]
 
 | 
| H A D | gss_export_sec_context.3 | 33 .Nd Transfer a security context to another process48 requests and accepts security contexts over them,
 52 deactivates the security context for the calling process and creates
 60 a subsequent attempt by a context exporter to access the exported security context will fail.
 64 either as a function of local security policy,
 71 The interprocess token may contain security-sensitive information
 84 associated with the security context,
 88 export of the security context,
 90 and should strive to leave the security context referenced by the
 94 it is permissible for the implementation to delete the security
 [all …]
 
 | 
| /freebsd-src/sys/arm/altera/socfpga/ | 
| H A D | socfpga_l3regs.h |  | 
| /freebsd-src/crypto/heimdal/appl/ftp/ftpd/ | 
| H A D | Makefile.am | 24 	security.c	\32 $(ftpd_OBJECTS): security.h
 34 security.c:
 35 	@test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c .
 36 security.h:
 37 	@test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h .
 41 CLEANFILES = security.c security.h gssapi.c
 
 | 
| /freebsd-src/lib/librpcsec_gss/ | 
| H A D | rpcsec_gss.3 | 37 is a security mechanism for the RPC protocol.38 It uses the Generic Security Service API (GSS-API) to establish a
 39 security context between a client and a server and to ensure that all
 50 to establish a security context.
 57 This type defines the types of security service required for
 69 creating a security context.
 79 Various details of the created security context are returned using
 113 security context.
 117 	const char	*mechanism;	/* security mechanism */
 178 Create a new security context
 [all …]
 
 | 
| H A D | rpc_gss_seccreate.3 | 30 .Nd "create a security context using the RPCSEC_GSS protocol"46 This function is used to establish a security context between an
 58 The desired mechanism for this security context.
 59 The value of mechanism should be the name of one of the security
 78 Extra security context options to be passed to the underlying GSS-API
 90 If the security context was created successfully, a pointer to an
 93 To use this security context for subsequent RPC calls, set
 
 | 
| /freebsd-src/crypto/openssh/contrib/aix/ | 
| H A D | pam.conf | 7 sshd    auth            required        /usr/lib/security/pam_aix8 OTHER   auth            required        /usr/lib/security/pam_aix
 11 sshd    account         required        /usr/lib/security/pam_aix
 12 OTHER   account         required        /usr/lib/security/pam_aix
 15 sshd    password        required        /usr/lib/security/pam_aix
 16 OTHER   password        required        /usr/lib/security/pam_aix
 19 sshd    session         required        /usr/lib/security/pam_aix
 20 OTHER   session         required        /usr/lib/security/pam_aix
 
 | 
| /freebsd-src/sys/kern/ | 
| H A D | sysctl_security_jail_children.sh |  | 
| /freebsd-src/crypto/openssh/contrib/ | 
| H A D | sshd.pam.generic | 2 auth       required     /lib/security/pam_unix.so shadow nodelay3 account    required     /lib/security/pam_nologin.so
 4 account    required     /lib/security/pam_unix.so
 5 password   required     /lib/security/pam_cracklib.so
 6 password   required     /lib/security/pam_unix.so shadow nullok use_authtok
 7 session    required     /lib/security/pam_unix.so
 8 session    required     /lib/security/pam_limits.so
 
 | 
| /freebsd-src/usr.sbin/periodic/ | 
| H A D | periodic.conf | 90 if [ $(sysctl -n security.jail.jailed) = 0 ]; then160 # 450.status-security
 161 daily_status_security_enable="YES"			# Security check
 162 # See also "Security options" below for more options
 222 # 450.status-security
 223 weekly_status_security_enable="YES"			# Security check
 224 # See also "Security options" above for more options
 247 # 450.status-security
 248 monthly_status_security_enable="YES"			# Security check
 249 # See also "Security option
 [all...]
 | 
| /freebsd-src/share/man/man4/ | 
| H A D | mac_portacl.4 | 6 .\" Security Research Division of Network Associates, Inc. under99 .Va security.mac.portacl.port_high
 109 .Va security.mac.portacl.suser_exempt
 118 .Va security.mac.portacl.rules ,
 124 .It Va security.mac.portacl.enabled
 129 .It Va security.mac.portacl.port_high
 134 .It Va security.mac.portacl.rules
 166 NOTE: MAC security policies may not override other security system policies
 177 .It Va security.mac.portacl.suser_exempt
 183 .It Va security.mac.portacl.autoport_exempt
 [all …]
 
 | 
| H A D | mac_bsdextended.4 | 6 .\" Security Research Division of Network Associates, Inc. under59 security policy module provides an interface for the system administrator
 94 .It Va security.mac.bsdextended.enabled
 96 .It Va security.mac.bsdextended.rule_count
 99 .It Va security.mac.bsdextended.rule_slots
 101 .It Va security.mac.bsdextended.firstmatch_enabled
 105 .It Va security.mac.bsdextended.logging
 110 .It Va security.mac.bsdextended.rules
 144 Project by NAI Labs, the Security Research Division of Network Associates
 
 | 
| H A D | ipsec.4 | 35 .Nd Internet Protocol Security protocol47 is a security protocol implemented within the Internet Protocol layer
 57 (for Encapsulating Security Payload)
 63 that provide security services for IP datagrams.
 75 and is designed for security gateways such as VPN endpoints.
 101 is the process of associating keys with security associations, also
 103 Policy management dictates when new security
 155 may be used to configure per-socket security policies.
 176 which means that if there is a security association then use it but if
 182 which requires that a security associatio
 [all...]
 | 
| /freebsd-src/lib/libpam/libpam/ | 
| H A D | Makefile | 8 # ThinkSec AS and NAI Labs, the Security Research Division of Network164 HEADERS=	security/openpam.h \
 165 		security/openpam_attr.h \
 166 		security/openpam_version.h \
 167 		security/pam_appl.h \
 168 		security/pam_constants.h \
 169 		security/pam_modules.h \
 170 		security/pam_types.h \
 172 ADD_HEADERS=	security/pam_mod_misc.h
 176 INCSDIR=	${INCLUDEDIR}/security
 [all...]
 | 
| /freebsd-src/contrib/openbsm/man/ | 
| H A D | audit_warn.5 | 46 .Pa /etc/security/audit_messages .52 .Bl -tag -width ".Pa /etc/security/audit_messages" -compact
 53 .It Pa /etc/security/audit_warn
 54 .It Pa /etc/security/audit_messages
 60 The OpenBSM implementation was created by McAfee Research, the security
 66 This software was created by McAfee Research, the security research division
 73 The Basic Security Module (BSM) interface to audit records and audit event
 
 | 
| /freebsd-src/contrib/unbound/ | 
| H A D | SECURITY.md | 1 # Security Policy9 highest minor and patch version level. We do not backport security fixes to
 25 We take security very seriously. If you have discovered a security vulnerability
 27 encrypted message to our Security Entry Point.
 31 https://www.nlnetlabs.nl/security-report/
 
 | 
| /freebsd-src/share/man/man9/ | 
| H A D | mac.9 | 9 .\" Associates Laboratories, the Security Research Division of Network52 introduced system security modules to modify system security functionality.
 53 This can be used to support a variety of new security services, including
 58 The framework then calls out to security modules to offer them the
 59 opportunity to modify security behavior at those MAC API entry points.
 60 Both consumers of the API (normal kernel services) and security modules
 85 framework and modules may retrieve security labels and attributes from the
 131 developers maintain awareness of when security checks or relevant
 171 Project by Network Associates Laboratories, the Security Research
 182 and implemented by the Network Associates Laboratories Network Security
 
 | 
| /freebsd-src/tests/sys/mac/portacl/ | 
| H A D | root_test.sh | 8 # Verify if security.mac.portacl.suser_exempt=1 really exempts super-user.12 sysctl security.mac.portacl.suser_exempt=1 >/dev/null
 24 # Verify if security.mac.portacl.suser_exempt=0 really doesn't exempt super-user.
 26 sysctl security.mac.portacl.suser_exempt=0 >/dev/null
 38 # Verify if security.mac.portacl.port_high works for super-user.
 40 sysctl security.mac.portacl.port_high=7778 >/dev/null
 
 | 
| H A D | misc.sh | 3 sysctl security.mac.portacl >/dev/null 2>&166 	sysctl security.mac.portacl.rules= >/dev/null
 84 	sysctl security.mac.portacl.rules=${idtype}:${idstr}:${proto}:${port} >/dev/null
 95 	sysctl security.mac.portacl.rules= >/dev/null
 99 suser_exempt=$(sysctl -n security.mac.portacl.suser_exempt)
 100 port_high=$(sysctl -n security.mac.portacl.port_high)
 104 	sysctl -n security.mac.portacl.suser_exempt=${suser_exempt} >/dev/null
 105 	sysctl -n security.mac.portacl.port_high=${port_high} >/dev/null
 
 | 
| H A D | nobody_test.sh | 8 # security.mac.portacl.suser_exempt value doesn't affect unprivileged users14 sysctl security.mac.portacl.suser_exempt=1 >/dev/null
 27 sysctl security.mac.portacl.suser_exempt=0 >/dev/null
 39 # Verify if security.mac.portacl.port_high works.
 41 sysctl security.mac.portacl.port_high=7778 >/dev/null
 56 sysctl security.mac.portacl.port_high=7776 >/dev/null
 
 | 
| /freebsd-src/libexec/rc/rc.d/ | 
| H A D | auditd | 21 required_files="/etc/security/audit_class /etc/security/audit_control22 		/etc/security/audit_event /etc/security/audit_user
 23 		/etc/security/audit_warn"
 
 |