On Mon, Aug 8, 2016 at 2:32 PM, Stephen Smalley wrote:
> On 08/08/2016 01:41 PM, Daniel J Walsh wrote:
>> I have been requested by some container people to make this only
>> readable not writable to prevent certain types of attacks on the
>>
>> kernel. No idea if this is a good idea or not.
>
> W
On 08/08/2016 01:41 PM, Daniel J Walsh wrote:
> I have been requested by some container people to make this only
> readable not writable to prevent certain types of attacks on the
>
> kernel. No idea if this is a good idea or not.
Would require a kernel change. Support for per-file labeling of
