[PATCH 01/12] Security: Add CAP_COMPROMISE_KERNEL
James Morris
jmorris at namei.org
Tue Mar 19 00:47:59 EDT 2013
On Mon, 18 Mar 2013, Matthew Garrett wrote:
> This patch introduces CAP_COMPROMISE_KERNEL.
I'd like to see this named CAP_MODIFY_KERNEL, which is more accurate and
less emotive. Otherwise I think core kernel developers will be scratching
their head over where to sprinkle this.
Apart from that, I like the idea, especially when it's wired up to MAC
security.
--
James Morris
<jmorris at namei.org>
More information about the kexec
mailing list