[PATCH v15 23/23] AppArmor: Remove the exclusive flag

Stephen Smalley sds at tycho.nsa.gov
Tue Feb 18 18:19:07 UTC 2020


On 2/14/20 6:42 PM, Casey Schaufler wrote:
> With the inclusion of the "display" process attribute
> mechanism AppArmor no longer needs to be treated as an
> "exclusive" security module. Remove the flag that indicates
> it is exclusive. Remove the stub getpeersec_dgram AppArmor
> hook as it has no effect in the single LSM case and
> interferes in the multiple LSM case.
> 
> Reviewed-by: Kees Cook <keescook at chromium.org>
> Reviewed-by: John Johansen <john.johansen at canonical.com>
> Signed-off-by: Casey Schaufler <casey at schaufler-ca.com>

Acked-by: Stephen Smalley <sds at tycho.nsa.gov>

[...]



More information about the Linux-security-module-archive mailing list