Add Yama LSM

Default config is restricted ptrace, processes can only ptrace
related processes, such as child processes, rather than any process
with the same uid.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack 2016-12-03 21:30:10 +00:00
parent 7d7c52a55e
commit 822e4df468

View File

@ -3331,7 +3331,7 @@ CONFIG_HARDENED_USERCOPY=y
# CONFIG_SECURITY_TOMOYO is not set
# CONFIG_SECURITY_APPARMOR is not set
# CONFIG_SECURITY_LOADPIN is not set
# CONFIG_SECURITY_YAMA is not set
CONFIG_SECURITY_YAMA=y
CONFIG_INTEGRITY=y
# CONFIG_INTEGRITY_SIGNATURE is not set
CONFIG_INTEGRITY_AUDIT=y