diff options
| author | Greg Kroah-Hartman <greg@kroah.com> | 2002-12-17 23:09:33 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <greg@kroah.com> | 2002-12-17 23:09:33 -0800 |
| commit | ad9947ac1d97d0d6e6bd9804077bcc1c8ada9e02 (patch) | |
| tree | f09c63a31acdc9c82f277e2dd9a2dea1e0bcb778 /security | |
| parent | 36d03f0b762df2e9ab98e9b12d8880b3d8063719 (diff) | |
| download | history-ad9947ac1d97d0d6e6bd9804077bcc1c8ada9e02.tar.gz | |
LSM: Fix up the description of the root_plug code to try to make it clearer.
Diffstat (limited to 'security')
| -rw-r--r-- | security/Kconfig | 7 | ||||
| -rw-r--r-- | security/root_plug.c | 3 |
2 files changed, 8 insertions, 2 deletions
diff --git a/security/Kconfig b/security/Kconfig index 5481048b6d4c0f..76d62c92176f83 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -27,8 +27,11 @@ config SECURITY_ROOTPLUG depends on SECURITY!=n help This is a sample LSM module that should only be used as such. - It enables control over processes being created by root users - if a specific USB device is not present in the system. + It prevents any programs running with egid == 0 if a specific + USB device is not present in the system. + + See <http://www.linuxjournal.com/article.php?sid=6279> for + more information about this module. If you are unsure how to answer this question, answer N. diff --git a/security/root_plug.c b/security/root_plug.c index bf076b3746aa72..b634f94e7b72d2 100644 --- a/security/root_plug.c +++ b/security/root_plug.c @@ -13,6 +13,9 @@ * If you want to turn this into something with a semblance of security, * you need to hook the task_* functions also. * + * See http://www.linuxjournal.com/article.php?sid=6279 for more information + * about this code. + * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation, version 2 of the |