[PATCH man v3 1/2] landlock.7: Copy introductory description of Landlock rules
Alejandro Colomar
alx at kernel.org
Wed Mar 5 18:35:58 UTC 2025
Hi!
On Mon, Mar 03, 2025 at 08:50:29PM +0100, Günther Noack wrote:
> +.P
> +The two existing types of rules are:
BTW, I didn't want to send back the patch for another revision, so I
applied it as is, but this sentence is likely to get outdated at some
point.
I would have removed the "two" from it. But we'll be able to remove it
when/if it changes. I'm just mentioning this for future documentation.
Cheers,
Alex
> +.TP
> +.B Filesystem rules
> +For these rules, the object is a file hierarchy,
> +and the related filesystem actions are defined with
> +.IR "filesystem access rights" .
> +.TP
> +.BR "Network rules" " (since ABI v4)"
> +For these rules, the object is a TCP port,
> +and the related actions are defined with
> +.IR "network access rights" .
> .\"
> .SS Filesystem actions
> These flags enable to restrict a sandboxed process to a
> --
> 2.48.1.711.g2feabab25a-goog
>
>
--
<https://www.alejandro-colomar.es/>
More information about the Linux-security-module-archive
mailing list