X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=security%2FKconfig;h=dcf04a09185de5fbd3507e221de81abbe9be90f1;hb=6a77f38946aaee1cd85eeec6cf4229b204c15071;hp=ddde53ba6234536475a72ebaeb8a4d71482d6c51;hpb=c7b5ebbddf7bcd3651947760f423e3783bbe6573;p=linux-2.6.git diff --git a/security/Kconfig b/security/Kconfig index ddde53ba6..dcf04a091 100644 --- a/security/Kconfig +++ b/security/Kconfig @@ -4,6 +4,35 @@ menu "Security options" +config KEYS + bool "Enable access key retention support" + help + This option provides support for retaining authentication tokens and + access keys in the kernel. + + It also includes provision of methods by which such keys might be + associated with a process so that network filesystems, encryption + support and the like can find them. + + Furthermore, a special type of key is available that acts as keyring: + a searchable sequence of keys. Each process is equipped with access + to five standard keyrings: UID-specific, GID-specific, session, + process and thread. + + If you are unsure as to whether this is required, answer N. + +config KEYS_DEBUG_PROC_KEYS + bool "Enable the /proc/keys file by which all keys may be viewed" + depends on KEYS + help + This option turns on support for the /proc/keys file through which + all the keys on the system can be listed. + + This option is a slight security risk in that it makes it possible + for anyone to see all the keys on the system. Normally the manager + pretends keys that are inaccessible to a process don't exist as far + as that process is concerned. + config SECURITY bool "Enable different security models" help @@ -44,6 +73,18 @@ config SECURITY_ROOTPLUG If you are unsure how to answer this question, answer N. +config SECURITY_SECLVL + tristate "BSD Secure Levels" + depends on SECURITY + select CRYPTO + select CRYPTO_SHA1 + help + Implements BSD Secure Levels as an LSM. See + for instructions on how to use this + module. + + If you are unsure how to answer this question, answer N. + source security/selinux/Kconfig endmenu