diff options
| author | Mimi Zohar <[email protected]> | 2018-02-21 11:35:20 -0500 |
|---|---|---|
| committer | Mimi Zohar <[email protected]> | 2018-03-23 06:31:37 -0400 |
| commit | d77ccdc644a59b412d8e101576134c90a0aa6797 (patch) | |
| tree | 80fa2cc61e12a5b5e5647ed29aa31eab9254a037 /tools/perf/util/scripting-engines/trace-event-python.c | |
| parent | 57b56ac6fecb05c3192586e4892572dd13d972de (diff) | |
ima: re-evaluate files on privileged mounted filesystems
This patch addresses the fuse privileged mounted filesystems in a "secure"
environment, with a correctly enforced security policy, which is willing
to assume the inherent risk of specific fuse filesystems that are well
defined and properly implemented.
As there is no way for the kernel to detect file changes, the kernel
ignores the cached file integrity results and re-measures, re-appraises,
and re-audits the file.
Signed-off-by: Mimi Zohar <[email protected]>
Cc: Miklos Szeredi <[email protected]>
Cc: Seth Forshee <[email protected]>
Cc: Dongsu Park <[email protected]>
Cc: Alban Crequy <[email protected]>
Acked-by: Serge Hallyn <[email protected]>
Acked-by: "Eric W. Biederman" <[email protected]>
Diffstat (limited to 'tools/perf/util/scripting-engines/trace-event-python.c')
0 files changed, 0 insertions, 0 deletions