| Thomas Gleixner | ec8f24b | 2019-05-19 13:07:45 +0100 | [diff] [blame] | 1 | # SPDX-License-Identifier: GPL-2.0-only |
| Kees Cook | 2d51448 | 2011-12-21 12:17:04 -0800 | [diff] [blame] | 2 | config SECURITY_YAMA |
| 3 | bool "Yama support" |
| 4 | depends on SECURITY |
| Kees Cook | 2d51448 | 2011-12-21 12:17:04 -0800 | [diff] [blame] | 5 | default n |
| 6 | help |
| 7 | This selects Yama, which extends DAC support with additional |
| 8 | system-wide security settings beyond regular Linux discretionary |
| 9 | access controls. Currently available is ptrace scope restriction. |
| Kees Cook | 730daa1 | 2015-07-23 18:02:48 -0700 | [diff] [blame] | 10 | Like capabilities, this security module stacks with other LSMs. |
| Kees Cook | 90bb766 | 2017-05-13 04:51:47 -0700 | [diff] [blame] | 11 | Further information can be found in |
| 12 | Documentation/admin-guide/LSM/Yama.rst. |
| Kees Cook | 2d51448 | 2011-12-21 12:17:04 -0800 | [diff] [blame] | 13 | |
| 14 | If you are unsure how to answer this question, answer N. |