summaryrefslogtreecommitdiff
path: root/fs/udf
diff options
context:
space:
mode:
authorMikhail Kurinnoi <viewizard@viewizard.com>2017-01-27 19:23:01 +0300
committerMimi Zohar <zohar@linux.vnet.ibm.com>2017-03-13 07:01:24 -0400
commit3dd0c8d06511c7c61c62305fcf431ca28884d263 (patch)
tree53dd75846d5bc3ac098bd9fdd08c94ae804c22a2 /fs/udf
parent1ac202e978e18f045006d75bd549612620c6ec3a (diff)
ima: provide ">" and "<" operators for fowner/uid/euid rules.
For now we have only "=" operator for fowner/uid/euid rules. This patch provide two more operators - ">" and "<" in order to make fowner/uid/euid rules more flexible. Examples of usage. Appraise all files owned by special and system users (SYS_UID_MAX 999): appraise fowner<1000 Don't appraise files owned by normal users (UID_MIN 1000): dont_appraise fowner>999 Appraise all files owned by users with UID 1000-1010: dont_appraise fowner>1010 appraise fowner>999 Changelog v3: - Removed code duplication in ima_parse_rule(). - Fix ima_policy_show() - (Mimi) Changelog v2: - Fixed default policy rules. Signed-off-by: Mikhail Kurinnoi <viewizard@viewizard.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com> security/integrity/ima/ima_policy.c | 115 +++++++++++++++++++++++++++--------- 1 file changed, 87 insertions(+), 28 deletions(-)
Diffstat (limited to 'fs/udf')
0 files changed, 0 insertions, 0 deletions