CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER: Activate without calling userspace policy loader.

General informations

The Linux kernel configuration item CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER:

• prompt: Activate without calling userspace policy loader.
• type: bool
• depends on: CONFIG_SECURITY_TOMOYO
• defined in security/tomoyo/Kconfig
• found in Linux kernels: 3.1–3.19, 4.0–4.20, 5.0–5.19, 6.0–6.8, 6.9-rc+HEAD

Help text

Say Y here if you want to activate access control as soon as built-in policy was loaded. This option will be useful for systems where operations which can lead to the hijacking of the boot sequence are needed before loading the policy. For example, you can activate immediately after loading the fixed part of policy which will allow only operations needed for mounting a partition which contains the variant part of policy and verifying (e.g. running GPG check) and loading the variant part of policy. Since you can start using enforcing mode from the beginning, you can reduce the possibility of hijacking the boot sequence.

Hardware

LKDDb

Raw data from LKDDb:

• (none)

Sources

This page is automaticly generated with free (libre, open) software lkddb(see lkddb-sources).

The data is retrived from:

• Linux kernel
• Linux Kernel Driver DataBase (LKDDb)

Automatic links from Google (and ads)

Custom Search

Popular queries: