[yocto] Application Whitelisting on Yocto?
Khem Raj
raj.khem at gmail.com
Fri Nov 20 15:35:02 PST 2015
On Fri, Nov 20, 2015 at 12:22 PM, Schaaf, Jonathan P (GE Healthcare)
<jonathan.P.schaaf at ge.com> wrote:
> Hi Everyone,
>
> I'm relatively new to Yocto, and am starting to work on a project that is pretty minimalistic. Other than busybox, there will only be a handful of running services and executables. I'd like to use some sort of application whitelisting technology to help keep the system secure. My google-foo is insufficient to reveal any options that are "simple." Does anyone on the list have suggestions? I'd strongly prefer to avoid experimental kernel patches, and I'd also prefer to avoid trying to create an selinux policy from scratch... unless that's a lot easier to do than I think it would be.
what do you mean when you say minimalistic and application
whitelisting in one go. If you control the metadata then they would be
same every time you build them and if you don't change your image once
put together lets say ( core-image-minimal) then it stays what it
assemble's together. So may be you should refine your question if you
need more info
>
> Thoughts?
>
> Jonathan
> --
> _______________________________________________
> yocto mailing list
> yocto at yoctoproject.org
> https://lists.yoctoproject.org/listinfo/yocto
More information about the yocto
mailing list