| Kees Cook | 2d51448 | 2011-12-21 12:17:04 -0800 | [diff] [blame] | 1 | config SECURITY_YAMA |
| 2 | bool "Yama support" |
| 3 | depends on SECURITY |
| 4 | select SECURITYFS |
| 5 | select SECURITY_PATH |
| 6 | default n |
| 7 | help |
| 8 | This selects Yama, which extends DAC support with additional |
| 9 | system-wide security settings beyond regular Linux discretionary |
| 10 | access controls. Currently available is ptrace scope restriction. |
| 11 | Further information can be found in Documentation/security/Yama.txt. |
| 12 | |
| 13 | If you are unsure how to answer this question, answer N. |
| Kees Cook | c6993e4 | 2012-09-04 13:32:13 -0700 | [diff] [blame] | 14 | |
| 15 | config SECURITY_YAMA_STACKED |
| 16 | bool "Yama stacked with other LSMs" |
| 17 | depends on SECURITY_YAMA |
| 18 | default n |
| 19 | help |
| 20 | When Yama is built into the kernel, force it to stack with the |
| 21 | selected primary LSM. |