diff options
Diffstat (limited to 'docs/2_Architecture_Guides')
-rw-r--r-- | docs/2_Architecture_Guides/2_Security_Blueprint/5_Platform.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/2_Architecture_Guides/2_Security_Blueprint/5_Platform.md b/docs/2_Architecture_Guides/2_Security_Blueprint/5_Platform.md index 917404b..2112fdc 100644 --- a/docs/2_Architecture_Guides/2_Security_Blueprint/5_Platform.md +++ b/docs/2_Architecture_Guides/2_Security_Blueprint/5_Platform.md @@ -653,7 +653,7 @@ vulnerable to attack. For example, if the kernel is stopped and restarted with the *security=none* flag, then SMACK is not enabled. Furthermore, `systemd` starts the loading of **SMACK** rules during start-up. If this start-up process is interfered with, then **SMACK** will not run. Alternatively, new policies can -be added with `smackload` allowing unforseen privileges to alternative +be added with `smackload` allowing unforeseen privileges to alternative applications/executables. Another intrusion on the kernel level is to rebuild the kernel (as it is @@ -918,4 +918,4 @@ a capability. These capabilities are divided into three groups: - e: Effective: This means the capability is “activated”. - p: Permitted: This means the capability can be used/is allowed. - i: Inherited: The capability is kept by child/subprocesses upon execve() for - example.
\ No newline at end of file + example. |