OpenCloudOS-Kernel/Documentation/security
Mickaël Salaün 3e52e5b077
landlock: Explain file descriptor access rights
Starting with LANDLOCK_ACCESS_FS_TRUNCATE, it is worth explaining why we
choose to restrict access checks at open time.  This new "File
descriptor access rights" section is complementary to the existing
"Inode access rights" section.  Add a new guiding principle related to
this section.

Reviewed-by: Günther Noack <gnoack3000@gmail.com>
Link: https://lore.kernel.org/r/20221209193813.972012-1-mic@digikod.net
[mic: Include the latest Günther's suggestion, and fix spelling]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2023-01-13 20:40:35 +01:00
..
keys KEYS: encrypted: fix key instantiation with user-provided data 2022-10-19 13:01:23 -04:00
secrets Documentation: KVM: update amd-memory-encryption.rst references 2022-07-07 13:09:59 -06:00
tpm Documentation: drop optional BOMs 2021-05-10 15:17:34 -06:00
IMA-templates.rst ima: support fs-verity file digest based version 3 signatures 2022-05-05 17:41:51 -04:00
SCTP.rst docs: fix 'make htmldocs' warning in SCTP.rst 2022-02-28 11:09:10 -05:00
credentials.rst Documentation: remove current_security() reference 2020-09-09 11:33:59 -06:00
digsig.rst docs: move digsig docs to the security book 2020-05-15 12:03:48 -06:00
index.rst docs: security: Add secrets/coco documentation 2022-04-13 19:11:20 +02:00
landlock.rst landlock: Explain file descriptor access rights 2023-01-13 20:40:35 +01:00
lsm-development.rst Documentation: Replace lkml.org links with lore 2021-01-11 12:47:38 -07:00
lsm.rst Documentation: LSM: Correct the basic LSM description 2020-05-25 18:59:59 -06:00
sak.rst docs: security: move some books to it and update 2019-07-15 11:03:01 -03:00
self-protection.rst docs: update self-protection __ro_after_init status 2021-12-10 14:02:06 -07:00
siphash.rst Documentation: siphash: Fix typo in the name of offsetofend macro 2022-07-13 14:01:22 -06:00