Re: Can we enforce "IMA Policy" based on file type

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/25/2019 01:07 PM, Kavitha Sivagnanam wrote:

Mimi


Another option would be to extend IMA by implementing the LSM
security_sb_mount hook

Yes, that’s exactly the feedback I was looking for.
I know that there is no existing support as of today.  But wanted to know how we can add support this.
Adding this support shouldn't be too difficult. You can start from IMA policy code in security/integrity/ima_policy.c. 

And just a reminder, please keep your responses as inline/bottom post.

Thanks & Regards,
     - Nayna



-Kavitha

Juniper Internal
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux