[ubuntu-hardened] list introductions
Kees Cook
kees at ubuntu.com
Wed Oct 31 18:17:53 GMT 2007
On Wed, Oct 31, 2007 at 10:01:58AM -0700, Steve Beattie wrote:
> On Tue, Oct 30, 2007 at 10:15:52PM -0700, Kees Cook wrote:
> > I'd like to try to break the grsec patches up logically and add /proc
> > runtime toggles for them.
>
> As long as the modular infrastructure for LSM is in place (even
> if it requires static compilation) and you implement these as LSMs,
> /sys/module/<modulename>/parameters/ is the place to put these toggles,
> using the module_param infrastructure.
Would this really be "stackable" with other "full" LSM systems? I know
some of the grsec patches do things that aren't managed by LSM.
-Kees
--
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20071031/9315b693/attachment.pgp
More information about the ubuntu-hardened
mailing list