On Thursday, July 11, 2013 10:33:05 AM Vivek Goyal wrote: > Secondly, there are disagreements upstream w.r.t how locking down > executable should happen. IMA folks want some functionality behind > security hooks (as opposed to what I have done). So I am expecting > that once patches do get merged upstream, they might be in little > different shape altogether. I don't know if the average person has played with IMA. It hashes all files being accessed depending on its policy. This is CPU intensive and will cause the system fans to run faster and the system uses more power. It also runs slower because of all the time spent hashing files. I reported this to upstream IMA developers a while back. I doubt anything has changed. -Steve -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
