On Fri, 1 May 2020, Mickaël Salaün wrote: > > However, for fully controlled distros such as CLIP OS, it make sense to > enforce such restrictions at kernel build time. I can add an alternative > kernel configuration to enforce a particular policy at boot and disable > this sysctl.
Sounds good. -- James Morris <jmor...@namei.org>
