I want to turn on a part of the kernel to make SELinux checking more stringent.
ben.lewis at benl.co.uk
Fri Jan 24 15:34:55 UTC 2014
On Fri, 24 Jan 2014, Daniel J Walsh wrote:
> I wrote a systemd unit file to enable it, and to allow a user to disable the
> feature if he wants.
> # cat /usr/lib/systemd/system/selinux-checkreqprot.service
> Description=SELinux check actual protection flags applied by kernel, rather
> than checking what application requested.
What does this actually do/mean?
(Sorry if it's obvious, it isn't to me!)
More information about the devel