[PATCH] LSM: allow an LSM to disable all hooks at once

James Morris jmorris at namei.org
Fri Dec 13 18:48:46 UTC 2019

On Thu, 12 Dec 2019, Ondrej Mosnacek wrote:

> I'd say the burden of implementing this would lie on the arms of
> whoever prepares the patches for dynamic load/unload.

Correct, and I don't see any such patches being accepted.

Go and look at some exploits, where LSM is used as a rootkit API...

James Morris
<jmorris at namei.org>

More information about the Linux-security-module-archive mailing list