commit | f850a7c040d9faafb41bceb0a05d6bb7432c8c7a | [log] [tgz] |
---|---|---|
author | Eric Paris <eparis@redhat.com> | Tue May 12 15:13:55 2009 -0400 |
committer | James Morris <jmorris@namei.org> | Fri May 15 09:55:41 2009 +1000 |
tree | e4e1fa97be0bd3e749f993b99d18746c8a9737ba | |
parent | b103387037cea2ba0f04b44d408d54c53f678061 [diff] |
IMA: remove read permissions on the ima policy file The IMA policy file does not implement read. Trying to just open/read/close the file will load a blank policy and you cannot then change the policy without a reboot. This removes the read permission from the file so one must at least be attempting to write... Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>