diff options
author | Kees Cook <keescook@chromium.org> | 2015-07-23 18:02:48 -0700 |
---|---|---|
committer | James Morris <james.l.morris@oracle.com> | 2015-07-28 13:18:19 +1000 |
commit | 730daa164e7c7e31c08fab940549f4acc3329432 (patch) | |
tree | 8c125b404c785f8de46a04d4f43fccef6744f0a8 /Documentation/security | |
parent | fe6c59dc17908effd4e2caa666795b9ad984005b (diff) | |
download | linux-730daa164e7c7e31c08fab940549f4acc3329432.tar.bz2 |
Yama: remove needless CONFIG_SECURITY_YAMA_STACKED
Now that minor LSMs can cleanly stack with major LSMs, remove the unneeded
config for Yama to be made to explicitly stack. Just selecting the main
Yama CONFIG will allow it to work, regardless of the major LSM. Since
distros using Yama are already forcing it to stack, this is effectively
a no-op change.
Additionally add MAINTAINERS entry.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'Documentation/security')
-rw-r--r-- | Documentation/security/Yama.txt | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/Documentation/security/Yama.txt b/Documentation/security/Yama.txt index 227a63f018a2..d9ee7d7a6c7f 100644 --- a/Documentation/security/Yama.txt +++ b/Documentation/security/Yama.txt @@ -1,9 +1,7 @@ -Yama is a Linux Security Module that collects a number of system-wide DAC -security protections that are not handled by the core kernel itself. To -select it at boot time, specify "security=yama" (though this will disable -any other LSM). - -Yama is controlled through sysctl in /proc/sys/kernel/yama: +Yama is a Linux Security Module that collects system-wide DAC security +protections that are not handled by the core kernel itself. This is +selectable at build-time with CONFIG_SECURITY_YAMA, and can be controlled +at run-time through sysctls in /proc/sys/kernel/yama: - ptrace_scope |