diff options
author | Eric Paris <eparis@redhat.com> | 2009-08-13 15:45:03 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-08-14 03:18:40 +0200 |
commit | 25354c4fee169710fd9da15f3bb2abaa24dcf933 (patch) | |
tree | 7fb462945c15ce09392ae858c8ae757290b5ed2d /kernel/user_namespace.c | |
parent | security: introducing security_request_module (diff) | |
download | linux-25354c4fee169710fd9da15f3bb2abaa24dcf933.tar.xz linux-25354c4fee169710fd9da15f3bb2abaa24dcf933.zip |
SELinux: add selinux_kernel_module_request
This patch adds a new selinux hook so SELinux can arbitrate if a given
process should be allowed to trigger a request for the kernel to try to
load a module. This is a different operation than a process trying to load
a module itself, which is already protected by CAP_SYS_MODULE.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/user_namespace.c')
0 files changed, 0 insertions, 0 deletions