Re: [RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)
From: Pavel Machek
Date: Sun Aug 02 2020 - 07:55:56 EST
> IPE is a Linux Security Module which allows for a configurable
> policy to enforce integrity requirements on the whole system. It
> attempts to solve the issue of Code Integrity: that any code being
> executed (or files being read), are identical to the version that
> was built by a trusted source.
How is that different from security/integrity/ima?
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html