diff options
author | James Morris <jmorris@namei.org> | 2009-01-05 08:56:01 +1100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-01-05 08:56:01 +1100 |
commit | 5c8c40be4b5a2944483bfc1a45d6c3fa02551af3 (patch) | |
tree | d9a79fae500aa5172df7446a2c7a7bdd4e4d469c /security/selinux/Kconfig | |
parent | keys: fix sparse warning by adding __user annotation to cast (diff) | |
parent | smack: Add support for unlabeled network hosts and networks (diff) | |
download | linux-dev-5c8c40be4b5a2944483bfc1a45d6c3fa02551af3.tar.xz linux-dev-5c8c40be4b5a2944483bfc1a45d6c3fa02551af3.zip |
Merge branch 'master' of git://git.infradead.org/users/pcmoore/lblnet-2.6_next into next
Diffstat (limited to 'security/selinux/Kconfig')
-rw-r--r-- | security/selinux/Kconfig | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/security/selinux/Kconfig b/security/selinux/Kconfig index 26301dd651d3..bca1b74a4a2f 100644 --- a/security/selinux/Kconfig +++ b/security/selinux/Kconfig @@ -94,33 +94,6 @@ config SECURITY_SELINUX_CHECKREQPROT_VALUE If you are unsure how to answer this question, answer 1. -config SECURITY_SELINUX_ENABLE_SECMARK_DEFAULT - bool "NSA SELinux enable new secmark network controls by default" - depends on SECURITY_SELINUX - default n - help - This option determines whether the new secmark-based network - controls will be enabled by default. If not, the old internal - per-packet controls will be enabled by default, preserving - old behavior. - - If you enable the new controls, you will need updated - SELinux userspace libraries, tools and policy. Typically, - your distribution will provide these and enable the new controls - in the kernel they also distribute. - - Note that this option can be overridden at boot with the - selinux_compat_net parameter, and after boot via - /selinux/compat_net. See Documentation/kernel-parameters.txt - for details on this parameter. - - If you enable the new network controls, you will likely - also require the SECMARK and CONNSECMARK targets, as - well as any conntrack helpers for protocols which you - wish to control. - - If you are unsure what to do here, select N. - config SECURITY_SELINUX_POLICYDB_VERSION_MAX bool "NSA SELinux maximum supported policy format version" depends on SECURITY_SELINUX |