|
Message-Id: <1322694098-21872-1-git-send-email-keescook@chromium.org> Date: Wed, 30 Nov 2011 15:01:36 -0800 From: Kees Cook <keescook@...omium.org> To: linux-kernel@...r.kernel.org Cc: linux-security-module@...r.kernel.org, Roland McGrath <roland@...k.frob.com>, James Morris <jmorris@...ei.org>, kernel-hardening@...ts.openwall.com Subject: [PATCH v7 0/2] security: Yama LSM As discussed at the Linux Security Summit, I'm resubmitting this code. As an LSM, it has coherent policy around expanding specific DAC behaviors. There is no need for it to be a full-blown MAC, since it is not intended to be one, but rather to be a simplified expansion to DAC, with system-wide knobs. See the specific patches for details... This version only contains the ptrace restrictions, since a path has been cleared for that (thanks Roland). The link restriction discussion can continue separately. In the meantime, I will carry it as a patch here: http://git.kernel.org/?p=linux/kernel/git/kees/linux.git;a=shortlog;h=refs/heads/yama Thanks, -Kees
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.