Re: [PATCH man v3 1/2] landlock.7: Copy introductory description of Landlock rules

From: Alejandro Colomar <alx@kernel.org>
Date: 2025-03-05 18:36:05
Also in: linux-security-module

Hi!

On Mon, Mar 03, 2025 at 08:50:29PM +0100, Günther Noack wrote:

+.P
+The two existing types of rules are:

BTW, I didn't want to send back the patch for another revision, so I
applied it as is, but this sentence is likely to get outdated at some
point.

I would have removed the "two" from it.  But we'll be able to remove it
when/if it changes.  I'm just mentioning this for future documentation.


Cheers,
Alex

+.TP
+.B Filesystem rules
+For these rules, the object is a file hierarchy,
+and the related filesystem actions are defined with
+.IR "filesystem access rights" .
+.TP
+.BR "Network rules" " (since ABI v4)"
+For these rules, the object is a TCP port,
+and the related actions are defined with
+.IR "network access rights" .
 .\"
 .SS Filesystem actions
 These flags enable to restrict a sandboxed process to a
-- 
2.48.1.711.g2feabab25a-goog

-- 
<https://www.alejandro-colomar.es/>

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help