[PATCH security-next v4 23/32] selinux: Remove boot parameter
Kees Cook
keescook at chromium.org
Thu Oct 4 17:42:09 UTC 2018
On Thu, Oct 4, 2018 at 10:40 AM, Jordan Glover
<Golden_Miller83 at protonmail.ch> wrote:
> Sent with ProtonMail Secure Email.
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Thursday, October 4, 2018 6:18 PM, Kees Cook <keescook at chromium.org> wrote:
>
>>
>> I don't want to overload "security=", but we can if we want. It would
>> be as above, but a trailing comma would be needed to trigger the
>> "ordering" behavior. e.g. "security=selinux" would disable all other
>> majors (retaining the current behavior), but "security=selinux," would
>> disable all other LSMs.
>>
>> -Kees
>>
>>
>
> I don't think giving such big impact to trailing comma is good idea :)
That's why I prefer a new lsm= instead of confusing security=. :)
-Kees
--
Kees Cook
Pixel Security
More information about the Linux-security-module-archive
mailing list