summaryrefslogtreecommitdiffstats
path: root/net/compat.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2012-04-12 16:47:51 -0500
committerJames Morris <james.l.morris@oracle.com>2012-04-14 11:13:18 +1000
commitc29bceb3967398cf2ac8bf8edf9634fdb722df7d (patch)
tree9feaa5a8b78812e48fa9b4e9b8b939f06390bee8 /net/compat.c
parent259e5e6c75a910f3b5e656151dc602f53f9d7548 (diff)
downloadlinux-c29bceb3967398cf2ac8bf8edf9634fdb722df7d.tar.gz
linux-c29bceb3967398cf2ac8bf8edf9634fdb722df7d.tar.bz2
linux-c29bceb3967398cf2ac8bf8edf9634fdb722df7d.zip
Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS
Add support for AppArmor to explicitly fail requested domain transitions if NO_NEW_PRIVS is set and the task is not unconfined. Transitions from unconfined are still allowed because this always results in a reduction of privileges. Acked-by: Eric Paris <eparis@redhat.com> Signed-off-by: Will Drewry <wad@chromium.org> Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Andy Lutomirski <luto@amacapital.net> v18: new acked-by, new description Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat (limited to 'net/compat.c')
0 files changed, 0 insertions, 0 deletions