Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAH2bzCQQyCEkBEe5tWRLnXek=L6MUJai1D77ogjaBjW7wJJmfA@mail.gmail.com>
Date: Tue, 27 Jun 2017 23:07:17 +0300
From: "igor.stoppa@...il.com" <igor.stoppa@...il.com>
To: Christoph Hellwig <hch@...radead.org>
Cc: Igor Stoppa <igor.stoppa@...wei.com>, keescook@...omium.org, mhocko@...nel.org, 
	jmorris@...ei.org, penguin-kernel@...ove.sakura.ne.jp, paul@...l-moore.com, 
	sds@...ho.nsa.gov, casey@...aufler-ca.com, labbott@...hat.com, 
	linux-security-module@...r.kernel.org, linux-mm@...ck.org, 
	linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: Re: [PATCH 3/3] Make LSM Writable Hooks a command line option

On 27 June 2017 at 20:51, Christoph Hellwig <hch@...radead.org> wrote:

> On Tue, Jun 27, 2017 at 08:33:23PM +0300, Igor Stoppa wrote:
>
> [...]


> > The default value is disabled, unless SE Linux debugging is turned on.
>
> Can we please just force it to be read-only?
>

I'm sorry, I'm not quite sure I understand your comment.

I'm trying to replicate the behavior of __lsm_ro_after_init:

line 1967 @ [1]   - Did I get it wrong?

thanks, igor



[1]
https://kernel.googlesource.com/pub/scm/linux/kernel/git/jmorris/linux-security/+/5965453d5e3fb425e6f9d6b4fec403bda3f33107/include/linux/lsm_hooks.h

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.