Re: [systemd-devel] [PATCH] mount and initialize Smack

2013-03-07 Thread Lennart Poettering
On Thu, 07.03.13 11:06, Nathaniel Chen (nathaniel.c...@intel.com) wrote:
> SMACK is the Simple Mandatory Access Control Kernel, a minimal
> approach to Access Control implemented as a kernel LSM.
>
> The kernel exposes the smackfs filesystem API through which access
> rules can be loaded. At boot

[systemd-devel] [PATCH] mount and initialize Smack

2013-03-07 Thread Nathaniel Chen
SMACK is the Simple Mandatory Access Control Kernel, a minimal approach to Access Control implemented as a kernel LSM. The kernel exposes the smackfs filesystem API through which access rules can be loaded. At boot time, we want to load the access rules as early as possible to ensure all early boo

Re: [systemd-devel] [PATCH] mount and initialize Smack

2013-03-06 Thread Lennart Poettering
On Tue, 05.03.13 15:24, Nathaniel Chen (nathaniel.c...@intel.com) wrote: Heya, A few comments on top of what Zbigniew already pointed out. > + smack = fopen("/sys/fs/smackfs/load2", "w"); Not that it would matter here, but out of principle we generally use "we" instead of "w"... > + if

Re: [systemd-devel] [PATCH] mount and initialize Smack

2013-03-05 Thread Zbigniew Jędrzejewski-Szmek
On Tue, Mar 05, 2013 at 03:24:27PM -0800, Nathaniel Chen wrote:
> SMACK is the Simple Mandatory Access Control Kernel, a minimal
> approach to Access Control implemented as a kernel LSM.
>
> The kernel exposes the smackfs filesystem API through which access
> rules can be loaded. At boot time, we

[systemd-devel] [PATCH] mount and initialize Smack

2013-03-05 Thread Nathaniel Chen
SMACK is the Simple Mandatory Access Control Kernel, a minimal approach to Access Control implemented as a kernel LSM. The kernel exposes the smackfs filesystem API through which access rules can be loaded. At boot time, we want to load the access rules as early as possible to ensure all early boo