Re: [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC

From: James Morris
Date: Fri May 01 2020 - 14:07:25 EST

Next message: Rob Clark: "Re: [PATCH] drm/msm: Fix undefined "rd_full" link error"
Previous message: Dan Murphy: "Re: [RESEND PATCH v5 0/3] BQ25150/155 Charger"
In reply to: MickaÃl SalaÃn: "Re: [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 1 May 2020, Mickaël Salaün wrote:

>
> However, for fully controlled distros such as CLIP OS, it make sense to
> enforce such restrictions at kernel build time. I can add an alternative
> kernel configuration to enforce a particular policy at boot and disable
> this sysctl.

Sounds good.

--
James Morris
<jmorris@xxxxxxxxx>

Next message: Rob Clark: "Re: [PATCH] drm/msm: Fix undefined "rd_full" link error"
Previous message: Dan Murphy: "Re: [RESEND PATCH v5 0/3] BQ25150/155 Charger"
In reply to: MickaÃl SalaÃn: "Re: [PATCH v3 3/5] fs: Enable to enforce noexec mounts or file exec through RESOLVE_MAYEXEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]