mirror of
https://github.com/linuxkit/linuxkit.git
synced 2025-07-23 11:00:25 +00:00
Add Yama LSM
Default config is restricted ptrace, processes can only ptrace related processes, such as child processes, rather than any process with the same uid. Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
parent
7d7c52a55e
commit
822e4df468
@ -3331,7 +3331,7 @@ CONFIG_HARDENED_USERCOPY=y
|
||||
# CONFIG_SECURITY_TOMOYO is not set
|
||||
# CONFIG_SECURITY_APPARMOR is not set
|
||||
# CONFIG_SECURITY_LOADPIN is not set
|
||||
# CONFIG_SECURITY_YAMA is not set
|
||||
CONFIG_SECURITY_YAMA=y
|
||||
CONFIG_INTEGRITY=y
|
||||
# CONFIG_INTEGRITY_SIGNATURE is not set
|
||||
CONFIG_INTEGRITY_AUDIT=y
|
||||
|
Loading…
Reference in New Issue
Block a user