[Cc'ing the LSM mailing list and others] On Fri, 2019-03-29 at 13:00 +0300, Igor Zhbanov wrote: > Hi Mimi,On 28.03.2019 20:17, Mimi Zohar wrote: > > I just came across the grsecurity article on mprotect.[1] > > Has anyone looked at it? Would it make sense to make it a minor LSM? > > > > [1]https://pax.grsecurity.net/docs/mprotect.txt > > Interesting article. It is almost exactly of what I wanted to be implemented. > > If this minor LSM would be stackable to allow combining with e.g. SELinux > then why not. Stacking shouldn't be a problem. Other LSMs are already on the mprotect hook. Let's hear what others think. Mimi