summaryrefslogtreecommitdiff
path: root/Documentation/security
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2015-07-23 18:02:48 -0700
committerJames Morris <james.l.morris@oracle.com>2015-07-28 13:18:19 +1000
commit730daa164e7c7e31c08fab940549f4acc3329432 (patch)
tree8c125b404c785f8de46a04d4f43fccef6744f0a8 /Documentation/security
parentfe6c59dc17908effd4e2caa666795b9ad984005b (diff)
Yama: remove needless CONFIG_SECURITY_YAMA_STACKED
Now that minor LSMs can cleanly stack with major LSMs, remove the unneeded config for Yama to be made to explicitly stack. Just selecting the main Yama CONFIG will allow it to work, regardless of the major LSM. Since distros using Yama are already forcing it to stack, this is effectively a no-op change. Additionally add MAINTAINERS entry. Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'Documentation/security')
-rw-r--r--Documentation/security/Yama.txt10
1 files changed, 4 insertions, 6 deletions
diff --git a/Documentation/security/Yama.txt b/Documentation/security/Yama.txt
index 227a63f018a2..d9ee7d7a6c7f 100644
--- a/Documentation/security/Yama.txt
+++ b/Documentation/security/Yama.txt
@@ -1,9 +1,7 @@
-Yama is a Linux Security Module that collects a number of system-wide DAC
-security protections that are not handled by the core kernel itself. To
-select it at boot time, specify "security=yama" (though this will disable
-any other LSM).
-
-Yama is controlled through sysctl in /proc/sys/kernel/yama:
+Yama is a Linux Security Module that collects system-wide DAC security
+protections that are not handled by the core kernel itself. This is
+selectable at build-time with CONFIG_SECURITY_YAMA, and can be controlled
+at run-time through sysctls in /proc/sys/kernel/yama:
- ptrace_scope