summary |
shortlog |
log |
commit | commitdiff |
review |
tree
raw |
patch |
inline | side by side (from parent 1:
8bba250)
Bug-AGL:SPEC-4188
Signed-off-by: Qiu Tingting <qiutt@fujitsu.com>
Change-Id: I25be4702acb64be59b9d79cf5a46354c8302ea8e
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/documentation/+/27051
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
the *security=none* flag, then SMACK is not enabled. Furthermore, `systemd`
starts the loading of **SMACK** rules during start-up. If this start-up process
is interfered with, then **SMACK** will not run. Alternatively, new policies can
the *security=none* flag, then SMACK is not enabled. Furthermore, `systemd`
starts the loading of **SMACK** rules during start-up. If this start-up process
is interfered with, then **SMACK** will not run. Alternatively, new policies can
-be added with `smackload` allowing unforseen privileges to alternative
+be added with `smackload` allowing unforeseen privileges to alternative
applications/executables.
Another intrusion on the kernel level is to rebuild the kernel (as it is
applications/executables.
Another intrusion on the kernel level is to rebuild the kernel (as it is
- e: Effective: This means the capability is “activated”.
- p: Permitted: This means the capability can be used/is allowed.
- i: Inherited: The capability is kept by child/subprocesses upon execve() for
- e: Effective: This means the capability is “activated”.
- p: Permitted: This means the capability can be used/is allowed.
- i: Inherited: The capability is kept by child/subprocesses upon execve() for
- example.
\ No newline at end of file