1
linux/security
Eric Paris f850a7c040 IMA: remove read permissions on the ima policy file
The IMA policy file does not implement read.  Trying to just open/read/close
the file will load a blank policy and you cannot then change the policy
without a reboot.  This removes the read permission from the file so one must
at least be attempting to write...

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-05-15 09:55:41 +10:00
..
integrity/ima IMA: remove read permissions on the ima policy file 2009-05-15 09:55:41 +10:00
keys keys: Handle there being no fallback destination keyring for request_key() 2009-04-09 10:41:19 -07:00
selinux Merge branch 'master' into next 2009-05-08 17:56:47 +10:00
smack Merge branch 'master' into next 2009-05-08 17:56:47 +10:00
tomoyo tomoyo: version bump to 2.2.0. 2009-04-14 09:15:02 +10:00
capability.c lsm: Remove the socket_post_accept() hook 2009-03-28 15:01:37 +11:00
commoncap.c Merge branch 'master' into next 2009-05-08 17:56:47 +10:00
device_cgroup.c devcgroup: avoid using cgroup_lock 2009-04-02 19:04:55 -07:00
inode.c securityfs: securityfs_remove should handle IS_ERR pointers 2009-05-12 11:06:11 +10:00
Kconfig Kconfig and Makefile 2009-02-12 15:19:00 +11:00
lsm_audit.c smack: implement logging V3 2009-04-14 09:00:19 +10:00
Makefile smack: implement logging V3 2009-04-14 09:00:23 +10:00
root_plug.c Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]" 2009-01-07 09:21:54 +11:00
security.c CacheFiles: Export things for CacheFiles 2009-04-03 16:42:40 +01:00