1config SECURITY_SMACK 2 bool "Simplified Mandatory Access Control Kernel Support" 3 depends on NET 4 depends on INET 5 depends on SECURITY 6 select NETLABEL 7 select SECURITY_NETWORK 8 default n 9 help 10 This selects the Simplified Mandatory Access Control Kernel. 11 Smack is useful for sensitivity, integrity, and a variety 12 of other mandatory security schemes. 13 If you are unsure how to answer this question, answer N. 14 15config SECURITY_SMACK_BRINGUP 16 bool "Reporting on access granted by Smack rules" 17 depends on SECURITY_SMACK 18 default n 19 help 20 Enable the bring-up ("b") access mode in Smack rules. 21 When access is granted by a rule with the "b" mode a 22 message about the access requested is generated. The 23 intention is that a process can be granted a wide set 24 of access initially with the bringup mode set on the 25 rules. The developer can use the information to 26 identify which rules are necessary and what accesses 27 may be inappropriate. The developer can reduce the 28 access rule set once the behavior is well understood. 29 This is a superior mechanism to the oft abused 30 "permissive" mode of other systems. 31 If you are unsure how to answer this question, answer N. 32 33config SECURITY_SMACK_NETFILTER 34 bool "Packet marking using secmarks for netfilter" 35 depends on SECURITY_SMACK 36 depends on NETWORK_SECMARK 37 depends on NETFILTER 38 default n 39 help 40 This enables security marking of network packets using 41 Smack labels. 42 If you are unsure how to answer this question, answer N. 43