TOMOYO can't be enabled with other major LSM
Igor Zhbanov
izh1979 at gmail.com
Sun Feb 6 07:57:43 UTC 2022
Hi,
According to commit a5e2fe7ede1268d2f80fe49ca1f717d0e3750995, TOMOYO
could be able to work together with other major LSM:
TOMOYO: Update LSM flags to no longer be exclusive
With blob sharing in place, TOMOYO is no longer an exclusive LSM,
so it can operate separately now. Mark it as such.
However, current security/Kconfig doesn't allow to select TOMOYO and
some other major LSM because of using exclusive "choice" of one of them.
I suppose, if TOMOYO is ready to work alongside with other major LSM,
we need adjust security/Kconfig accordingly.
Thank you.
More information about the Linux-security-module-archive
mailing list