[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [redhat-lspp] Syscalls questions

From: David Howells <dhowells redhat com>
To: Klaus Weidner <klaus atsec com>
Cc: David Howells <dhowells redhat com>, lspp-list <redhat-lspp redhat com>, Kris Wilson <krisw us ibm com>
Subject: Re: [redhat-lspp] Syscalls questions
Date: Thu, 29 Jun 2006 10:16:36 +0100

Klaus Weidner <klaus atsec com> wrote:

> The testing would be for compliance with LSPP, in this case that the
> syscalls properly implement mandatory access control and generate correct
> audit records.

And you think this testing _wouldn't_ be appropriate for the key management
interface?

> Is there any clean way to disable them at runtime for non-admins, maybe a
> SELinux constraint? It would save a lot of work for the evaluation...

Well, you can compile them out of your kernel.

David

Follow-Ups:
- Re: [redhat-lspp] Syscalls questions
  - From: Klaus Weidner

References:
- Re: [redhat-lspp] Syscalls questions
  - From: Klaus Weidner
- [redhat-lspp] Syscalls questions
  - From: Kris Wilson
- Re: [redhat-lspp] Syscalls questions
  - From: David Howells

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]