On 07/07/2020 22:11, Randy Dunlap wrote:
> Hi--
>
> On 7/7/20 11:09 AM, Mickaël Salaün wrote:
>> ---
>> arch/Kconfig | 7 +
>> arch/um/Kconfig | 1 +
>> include/uapi/linux/landlock.h | 78 +
>> security/landlock/Kconfig | 2 +-
>>
Hi--
On 7/7/20 11:09 AM, Mickaël Salaün wrote:
> ---
> arch/Kconfig | 7 +
> arch/um/Kconfig | 1 +
> include/uapi/linux/landlock.h | 78 +
> security/landlock/Kconfig | 2 +-
> security/landlock/Makefile| 2 +-
> security/landlock/fs.c
Thanks to the Landlock objects and ruleset, it is possible to identify
inodes according to a process's domain. To enable an unprivileged
process to express a file hierarchy, it first needs to open a directory
(or a file) and pass this file descriptor to the kernel through
landlock(2). When
3 matches
Mail list logo