Menu
▾
▴
Re: [Linux-ima-user] SML contains numbers in the filename-hint
|
From: Shaz <sha...@gm...> - 2011-04-13 11:14:32
|
On Wed, Apr 13, 2011 at 1:51 PM, Sohail Khan <soh...@gm...> wrote: > Updates: > > I've also upgraded my kernel to a newer version but the problem remains the > same. The templates ima-ng & ima-nglong deals with the larger digest size > and LSM subject/objects receptively. I guess these templates will not > resolve the issue on hand. > > The numbers in the measurement list shows process IDs as I double checked > it. The problem is that these process IDs changes almost every time on > executing the same process. > > Is there any way to exclude these PIDs from the measurements? > > Regards, Sohail can you check what processes are associated with these ids. Once the you know which processes they are then they can be excluded AFAI remember. I am enabling IMA on my lappy to check it out. By the way [1] can explain how you can control what should be measured and not measured. Having background with SELinux I would go for labeling these files and then use lsm ima_policy to control the required behavior. Take care. [1] http://www.mjmwired.net/kernel/Documentation/ABI/testing/ima_policy -- Shahbaz Khan R&D Engineer, Tactical Engineering and Consultancy. http://shazkhan.wordpress.com/ http://pk.linkedin.com/pub/shahbaz-khan/20/116/b49 http://imsciences.edu.pk/serg/ http://csrdu.org/ +92-91-332-9915828 |
