Thread (17 messages) 17 messages, 3 authors, 2020-07-20

Re: [RFC PATCH v4 02/12] security: add ipe lsm evaluation loop and audit system

From: Randy Dunlap <hidden>
Date: 2020-07-17 23:17:05
Also in: dm-devel, linux-block, linux-fsdevel, linux-security-module, lkml

On 7/17/20 4:09 PM, Deven Bowers wrote:
+config SECURITY_IPE_PERMISSIVE_SWITCH
+	bool "Enable the ability to switch IPE to permissive mode"
+	default y
+	help
+	  This option enables two ways of switching IPE to permissive mode,
+	  a sysctl (if enabled), `ipe.enforce`, or a kernel command line
+	  parameter, `ipe.enforce`. If either of these are set to 0, files
	                                               is set
+	  will be subject to IPE's policy, audit messages will be logged, but
+	  the policy will not be enforced.
+
+	  If unsure, answer Y.

-- 
~Randy
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help