[PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
James Morris
jmorris at namei.org
Tue May 1 20:42:05 UTC 2018
On Tue, 1 May 2018, Mickaël Salaün wrote:
> > I've been a long-time proponent of programmable LSMs (before it was
> > cool): https://lkml.org/lkml/2016/8/4/58
>
> Happy to know that Landlock started before programmable access-control
> was cool, too. :)
> https://lkml.kernel.org/r/1458784008-16277-1-git-send-email-mic@digikod.net
>
Not to brag or anything, but this was c.2000 (AD)
https://linux.die.net/man/3/libipq ;-)
Landlock is by far the better approach to this than C, and may generally
solve the use-case of (un)loadable, simple, ad-hoc policies.
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list