On Tue, Jun 27, 2006 at 06:48:26PM +0100, David Howells wrote: > Kris Wilson <[EMAIL PROTECTED]> wrote: > > We are trying to finalize our list of syscalls to test and have the > > following questions: > > Test in what way?
The testing would be for compliance with LSPP, in this case that the syscalls properly implement mandatory access control and generate correct audit records. > > add_key > > request_key > > keyctl > > Anybody may use them. Is there any clean way to disable them at runtime for non-admins, maybe a SELinux constraint? It would save a lot of work for the evaluation... -Klaus -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
