On Fri, 2020-05-08 at 10:15 +0300, Lev R. Oshvang . wrote: > I can suggest something better ( I believe) > Some time ago I proposed patch to IMA - Add suffix in IMA policy rule > criteria > It allows IMA to verify scripts, configuration files and even single file. > It is very simple and does not depend on open flags. > Mimi Zohar decided not to include this patch on the reason it tries to > protect the file name. > ( Why ??).
Your patch relies on the filename, but does nothing to protect it. Mimi
