Thread (17 messages) 17 messages, 3 authors, 2020-07-20

Re: [RFC PATCH v4 02/12] security: add ipe lsm evaluation loop and audit system

From: Deven Bowers <hidden>
Date: 2020-07-20 16:44:26
Also in: dm-devel, linux-block, linux-fsdevel, linux-integrity, lkml 


On 7/17/2020 4:16 PM, Randy Dunlap wrote:
On 7/17/20 4:09 PM, Deven Bowers wrote:
quoted
+config SECURITY_IPE_PERMISSIVE_SWITCH
+	bool "Enable the ability to switch IPE to permissive mode"
+	default y
+	help
+	  This option enables two ways of switching IPE to permissive mode,
+	  a sysctl (if enabled), `ipe.enforce`, or a kernel command line
+	  parameter, `ipe.enforce`. If either of these are set to 0, files
	                                               is set
Thanks, I'll change it in the next iteration.

quoted
+	  will be subject to IPE's policy, audit messages will be logged, but
+	  the policy will not be enforced.
+
+	  If unsure, answer Y.
  



    
  

  
    

      

        Keyboard shortcuts
      

      

        
          
hback out one level

          
jnext message in thread

          
kprevious message in thread

          
ldrill in

          
Escclose help / fold thread tree

          
?toggle this help