2d514487fa
This adds the Yama Linux Security Module to collect DAC security improvements (specifically just ptrace restrictions for now) that have existed in various forms over the years and have been carried outside the mainline kernel by other Linux distributions like Openwall and grsecurity. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
14 lines
455 B
Plaintext
14 lines
455 B
Plaintext
config SECURITY_YAMA
|
|
bool "Yama support"
|
|
depends on SECURITY
|
|
select SECURITYFS
|
|
select SECURITY_PATH
|
|
default n
|
|
help
|
|
This selects Yama, which extends DAC support with additional
|
|
system-wide security settings beyond regular Linux discretionary
|
|
access controls. Currently available is ptrace scope restriction.
|
|
Further information can be found in Documentation/security/Yama.txt.
|
|
|
|
If you are unsure how to answer this question, answer N.
|