A security-module hook for user-namespace creation
A security-module hook for user-namespace creation
Posted Aug 8, 2022 19:43 UTC (Mon) by jrjohansen (subscriber, #75010)In reply to: A security-module hook for user-namespace creation by ballombe
Parent article: A security-module hook for user-namespace creation
As @rahulsundaram mentions below that isn't what the LSM is supposed to do. When vulnerabilities are found you still want to fix them regardless if they are stopped or mitigated by an LSM or any other hardening or security techniques.
LSMs can however stop, mitigate or contain an exploit reducing severity of a vulnerability, and hence reducing the priority of fixing a given CVE.