On Tue, 18 Apr 2017, Matt Brown wrote: > This patch reproduces GRKERNSEC_HARDEN_TTY functionality from the grsecurity > project in-kernel.
It seems like an ugly hack to an ugly feature (CAP_SYS_ADMIN barely makes sense here), and rather than sprinkling these types of things throughout the kernel, I wonder if it might be better to implement it via LSM, in the YAMA module. - James -- James Morris <jmor...@namei.org>
