I want to turn on a part of the kernel to make SELinux checking more stringent.

Benjamin Lewis ben.lewis at benl.co.uk
Fri Jan 24 15:34:55 UTC 2014


On Fri, 24 Jan 2014, Daniel J Walsh wrote:

> I wrote a systemd unit file to enable it, and to allow a user to disable the
> feature if he wants.
>
> # cat /usr/lib/systemd/system/selinux-checkreqprot.service
> [Unit]
> Description=SELinux check actual protection flags applied by kernel, rather
> than checking what application requested.
>

What does this actually do/mean?

(Sorry if it's obvious, it isn't to me!)

--
Benjamin Lewis


More information about the devel mailing list