[redhat-lspp] Syscalls questions
David Howells
dhowells at redhat.com
Thu Jun 29 09:16:36 UTC 2006
Klaus Weidner <klaus at atsec.com> wrote:
> The testing would be for compliance with LSPP, in this case that the
> syscalls properly implement mandatory access control and generate correct
> audit records.
And you think this testing _wouldn't_ be appropriate for the key management
interface?
> Is there any clean way to disable them at runtime for non-admins, maybe a
> SELinux constraint? It would save a lot of work for the evaluation...
Well, you can compile them out of your kernel.
David
More information about the redhat-lspp
mailing list