[RFC][PATCH 1/3] evm: Move hooks outside LSM infrastructure
Mimi Zohar
zohar at linux.ibm.com
Wed May 6 21:10:08 UTC 2020
On Wed, 2020-05-06 at 15:44 -0400, Mimi Zohar wrote:
> Since copying the EVM HMAC or original signature isn't applicable, I
> would prefer exploring an EVM portable and immutable signature only
> solution.
To prevent copying the EVM xattr, we added "security.evm" to
/etc/xattr.conf. To support copying just the EVM portable and
immutable signatures will require a different solution.
Mimi
More information about the Linux-security-module-archive
mailing list