• Deven Bowers's avatar
    lsm: add IPE lsm · 03115077
    Deven Bowers authored
    Integrity Policy Enforcement (IPE) is an LSM that provides an
    complimentary approach to Mandatory Access Control than existing LSMs
    today.
    
    Existing LSMs have centered around the concept of access to a resource
    should be controlled by the current user's credentials. IPE's approach,
    is that access to a resource should be controlled by the system's trust
    of a current resource.
    
    The basis of this approach is defining a global policy to specify which
    resource can be trusted.
    Signed-off-by: default avatarDeven Bowers <deven.desai@linux.microsoft.com>
    Signed-off-by: default avatarFan Wu <wufan@linux.microsoft.com>
    [PM: subject line tweak]
    Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
    03115077
security.c 166 KB