Buccipod lwn-net@feeds.twtxt.net "[$] Adding system calls for Linux security modules The Linux security module (LSM) subsystem has long had limitations on which modules could be ..."

feeds.twtxt.net

Wed, Jan 4 6:33PM 2023 (1y ago)

[$] Adding system calls for Linux security modules
The Linux security module (LSM) subsystem has long had limitations on
which modules could be combined in a given running kernel. Some parts of
the problem have been solved over the years—”smaller” LSMs can be combined
at will with a single, more complex LSM—but combining (or “stacking”)
SELinux with, say, Smack or AppArmor has never been possible. Back in
October, we looked at the most recent
attempt to add that ability, which resulted in patches to … ⌘ Read more

⤋ Read More