mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-19 02:04:19 +08:00
aeca4e2ca6
SafeSetID gates the setid family of syscalls to restrict UID/GID transitions from a given UID/GID to only those approved by a system-wide whitelist. These restrictions also prohibit the given UIDs/GIDs from obtaining auxiliary privileges associated with CAP_SET{U/G}ID, such as allowing a user to set up user namespace UID mappings. For now, only gating the set*uid family of syscalls is supported, with support for set*gid coming in a future patch set. Signed-off-by: Micah Morton <mortonm@chromium.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.morris@microsoft.com>
34 lines
932 B
C
34 lines
932 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* SafeSetID Linux Security Module
|
|
*
|
|
* Author: Micah Morton <mortonm@chromium.org>
|
|
*
|
|
* Copyright (C) 2018 The Chromium OS Authors.
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License version 2, as
|
|
* published by the Free Software Foundation.
|
|
*
|
|
*/
|
|
#ifndef _SAFESETID_H
|
|
#define _SAFESETID_H
|
|
|
|
#include <linux/types.h>
|
|
|
|
/* Flag indicating whether initialization completed */
|
|
extern int safesetid_initialized;
|
|
|
|
/* Function type. */
|
|
enum safesetid_whitelist_file_write_type {
|
|
SAFESETID_WHITELIST_ADD, /* Add whitelist policy. */
|
|
SAFESETID_WHITELIST_FLUSH, /* Flush whitelist policies. */
|
|
};
|
|
|
|
/* Add entry to safesetid whitelist to allow 'parent' to setid to 'child'. */
|
|
int add_safesetid_whitelist_entry(kuid_t parent, kuid_t child);
|
|
|
|
void flush_safesetid_whitelist_entries(void);
|
|
|
|
#endif /* _SAFESETID_H */
|