kernel-ark/security
Eric Paris c3d20103d0 IMA: do not measure everything opened by root by default
The IMA default policy measures every single file opened by root.  This is
terrible for most users.  Consider a system (like mine) with virtual machine
images.  When those images are touched (which happens at boot for me) those
images are measured.  This is just way too much for the default case.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-05-15 09:55:44 +10:00
..
integrity/ima IMA: do not measure everything opened by root by default 2009-05-15 09:55:44 +10:00
keys keys: Handle there being no fallback destination keyring for request_key() 2009-04-09 10:41:19 -07:00
selinux Merge branch 'master' into next 2009-05-08 17:56:47 +10:00
smack Merge branch 'master' into next 2009-05-08 17:56:47 +10:00
tomoyo tomoyo: version bump to 2.2.0. 2009-04-14 09:15:02 +10:00
capability.c lsm: Remove the socket_post_accept() hook 2009-03-28 15:01:37 +11:00
commoncap.c Merge branch 'master' into next 2009-05-08 17:56:47 +10:00
device_cgroup.c devcgroup: avoid using cgroup_lock 2009-04-02 19:04:55 -07:00
inode.c securityfs: securityfs_remove should handle IS_ERR pointers 2009-05-12 11:06:11 +10:00
Kconfig Kconfig and Makefile 2009-02-12 15:19:00 +11:00
lsm_audit.c smack: implement logging V3 2009-04-14 09:00:19 +10:00
Makefile smack: implement logging V3 2009-04-14 09:00:23 +10:00
root_plug.c Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]" 2009-01-07 09:21:54 +11:00
security.c CacheFiles: Export things for CacheFiles 2009-04-03 16:42:40 +01:00