Bug#869565: Please enable IMA signature validation
Package: linux
Severity: wishlist
IMA signature validation allows systems to be configured to refuse to
run binaries that don't have valid matching IMA signatures. This does
nothing unless a corresponding policy is loaded.
diff --git a/debian/config/config b/debian/config/config
index 632d3b402..0289bdafe 100644
--- a/debian/config/config
+++ b/debian/config/config
@@ -7091,7 +7091,8 @@ CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
## file: security/integrity/Kconfig
##
CONFIG_INTEGRITY=y
-# CONFIG_INTEGRITY_SIGNATURE is not set
+CONFIG_INTEGRITY_SIGNATURE=y
+CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
CONFIG_INTEGRITY_AUDIT=y
##
Reply to: