diff options
| author | Rafal Krypa <r.krypa@samsung.com> | 2012-07-11 11:49:30 -0400 |
|---|---|---|
| committer | Casey Schaufler <casey@schaufler-ca.com> | 2012-09-18 12:50:52 -0400 |
| commit | 449543b0436a9146b855aad39eab76ae4853e88d (patch) | |
| tree | 1b430fec0506e78929cfd944972d7dd49d0f76fd /Documentation/security | |
| parent | c00bedb368ae02a066aed8a888afc286c1df2e60 (diff) | |
Smack: implement revoking all rules for a subject label
Add /smack/revoke-subject special file. Writing a SMACK label to this file will
set the access to '-' for all access rules with that subject label.
Targeted for git://git.gitorious.org/smack-next/kernel.git
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Diffstat (limited to 'Documentation/security')
| -rw-r--r-- | Documentation/security/Smack.txt | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/Documentation/security/Smack.txt b/Documentation/security/Smack.txt index a416479b8a1c..e68536d85680 100644 --- a/Documentation/security/Smack.txt +++ b/Documentation/security/Smack.txt | |||
| @@ -194,6 +194,9 @@ onlycap | |||
| 194 | these capabilities are effective at for processes with any | 194 | these capabilities are effective at for processes with any |
| 195 | label. The value is set by writing the desired label to the | 195 | label. The value is set by writing the desired label to the |
| 196 | file or cleared by writing "-" to the file. | 196 | file or cleared by writing "-" to the file. |
| 197 | revoke-subject | ||
| 198 | Writing a Smack label here sets the access to '-' for all access | ||
| 199 | rules with that subject label. | ||
| 197 | 200 | ||
| 198 | You can add access rules in /etc/smack/accesses. They take the form: | 201 | You can add access rules in /etc/smack/accesses. They take the form: |
| 199 | 202 | ||