[PATCH v1 0/4] [RFC] Implement Trampoline File Descriptor

James Morris jmorris at namei.org
Tue Jul 28 17:05:08 UTC 2020

On Tue, 28 Jul 2020, Casey Schaufler wrote:

> You could make a separate LSM to do these checks instead of limiting
> it to SELinux. Your use case, your call, of course.

It's not limited to SELinux. This is hooked via the LSM API and 
implementable by any LSM (similar to execmem, execstack etc.)

James Morris
<jmorris at namei.org>

More information about the Linux-security-module-archive mailing list