Re: [PATCH v3 2/2] ima: check signature enforcement against cmdline param instead of CONFIG

2017-10-25 Thread Bruno E. O. Meneguele
On 25-10, Mimi Zohar wrote:
> On Wed, 2017-10-25 at 13:05 -0200, Bruno E. O. Meneguele wrote:
> > On 24-10, Mimi Zohar wrote:
> > > On Tue, 2017-10-24 at 15:37 -0200, Bruno E. O. Meneguele wrote:
> > > > When the user requests MODULE_CHECK policy and its kernel is compiled
> > > > with CONFIG_MODUL

Re: [PATCH v3 2/2] ima: check signature enforcement against cmdline param instead of CONFIG

2017-10-25 Thread Mimi Zohar
On Wed, 2017-10-25 at 13:05 -0200, Bruno E. O. Meneguele wrote:
> On 24-10, Mimi Zohar wrote:
> > On Tue, 2017-10-24 at 15:37 -0200, Bruno E. O. Meneguele wrote:
> > > When the user requests MODULE_CHECK policy and its kernel is compiled
> > > with CONFIG_MODULE_SIG_FORCE not set, all modules would

Re: [PATCH v3 2/2] ima: check signature enforcement against cmdline param instead of CONFIG

2017-10-25 Thread Bruno E. O. Meneguele
On 24-10, Mimi Zohar wrote:
> On Tue, 2017-10-24 at 15:37 -0200, Bruno E. O. Meneguele wrote:
> > When the user requests MODULE_CHECK policy and its kernel is compiled
> > with CONFIG_MODULE_SIG_FORCE not set, all modules would not load, just
> > those loaded in initram time. One option the user wo

Re: [PATCH v3 2/2] ima: check signature enforcement against cmdline param instead of CONFIG

2017-10-24 Thread Mimi Zohar
On Tue, 2017-10-24 at 15:37 -0200, Bruno E. O. Meneguele wrote:
> When the user requests MODULE_CHECK policy and its kernel is compiled
> with CONFIG_MODULE_SIG_FORCE not set, all modules would not load, just
> those loaded in initram time. One option the user would have would be
> set a kernel cmd

[PATCH v3 2/2] ima: check signature enforcement against cmdline param instead of CONFIG

2017-10-24 Thread Bruno E. O. Meneguele
When the user requests MODULE_CHECK policy and its kernel is compiled with CONFIG_MODULE_SIG_FORCE not set, all modules would not load, just those loaded in initram time. One option the user would have would be set a kernel cmdline param (module.sig_enforce) to true, but the IMA module check code d