LinSec Configuration Process
LinSec's mandatory security policy can be fully configured at runtime,
without the need for the system to be rebooted.
In addition to being stored on stable storage, as outlined in
Section 5.3, configuration data can also be fed to the running kernel
through the /proc file system interface implemented by LinSec. Changes
in configuration can thus take effect immediately. When LinSec user
configuration data is manipulated, privilege revocation
for all of the processes owned by the user in question takes place atomically
(Subsections 5.8.6, 5.9.4). The LinSec
/proc runtime configuration interface caters for creation,
modification and deletion of any of the mandatory security policy elements
specified in Section 4.5.