SELinux, LSM and ima_policy rules

Lev Olshvang levonshe at yandex.com
Mon Feb 4 03:38:19 EST 2019


Hello everybody.

I learned recently that IMA kernel security  subsystem can be integrated with LSMs, such as SELinux, Smack, ...
https://sourceforge.net/p/linux-ima/wiki/Home/

https://www.kernel.org/doc/Documentation/ABI/testing/ima_policy

It was present in kernel since v3.8 but not google does not know much about the usability.

Does anybody have any experience or references which I can read to learn restrictions, performance impact or just use cases? 

ThanX!
Lev.





More information about the Kernelnewbies mailing list