[PATCH 2/6] landlock: Implement LANDLOCK_ADD_RULE_NO_INHERIT userspace api
Justin Suess
utilityemal77 at gmail.com
Tue Nov 25 12:06:52 UTC 2025
Good catch.
Probably just gonna add that comment to the add_rule_path_beneath
since LANDLOCK_ADD_RULE_NO_INHERIT doesn't really apply to networking
stuff at all and really doesn't make sense in those rules.
I may even include some code barring the flag from being included in
irrelevant scopes.
Networking, sockets, and signals don't really have an inheritance
behavior.
I personally don't really see how this flag could apply to any
other scopes but if anyone has ideas I'd love to hear them.
If other hierarchical scopes get added then this flag can support those.
Or maybe this flag can have in a different meaning in those contexts.
Thank You,
Justin Suess
More information about the Linux-security-module-archive
mailing list