Yama: add PR_SET_PTRACER_ANY
author Kees Cook <keescook@chromium.org>
Fri, 20 Jan 2012 19:07:16 +0000 (11:07 -0800)
committer Grant Grundler <grundler@google.com>
Thu, 24 May 2012 22:16:44 +0000 (15:16 -0700)
commit 3bc552fdb8256c07105970fefd3a81d3a5e5679a
tree a895cb90433c1c98d76575d7080e2568f23c293e
parent 4630b09f9d362feda0448340a142714ab4ac80aa
Yama: add PR_SET_PTRACER_ANY

For a process to entirely disable ptrace restrictions, it can use the
special PR_SET_PTRACER_ANY pid to indicate that any otherwise allowed
process may ptrace it. This is stronger than calling PR_SET_PTRACER with
pid "1" because it includes processes in external pid namespaces.

BUG=chromium-os:25271
TEST=x86-alex build, boot, passes updated security_ptraceRestrictions.
STATUS=Fixed

Change-Id: I7a09a388f7b9b528cada04c752174edba2cf18ea
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/14602
Reviewed-by: Mandeep Singh Baines <msb@chromium.org>
Reviewed-by: Olof Johansson <olofj@chromium.org>
security/yama/yama_lsm.c
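
How a process would use the option described in the commit message, as an added example that is not part of the commit or the Chromium OS tree: it opts in with PR_SET_PTRACER_ANY and withdraws the declaration afterwards, so the relaxed state lasts only while a debugger attaches. The helper names are hypothetical; the constant values and the ptrace_scope path are those of the mainline kernel, and clearing with an argument of 0 follows prctl(2).

```c
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>

/* Mainline <linux/prctl.h> values, supplied here for older headers. */
#ifndef PR_SET_PTRACER
#define PR_SET_PTRACER 0x59616d61
#endif
#ifndef PR_SET_PTRACER_ANY
#define PR_SET_PTRACER_ANY ((unsigned long)-1)
#endif

/* Read a ptrace_scope file; -1 when it is missing or malformed. */
int yama_scope(const char *path)
{
    int v = -1;
    FILE *f = fopen(path, "r");
    if (f == NULL) return -1;
    if (fscanf(f, "%d", &v) != 1 || v < 0) v = -1;
    fclose(f);
    return v;
}

/* Let any otherwise allowed process ptrace the caller; 0 or -errno
 * (EINVAL when Yama is not enabled in the running kernel). */
int yama_allow_any_ptracer(void)
{
    return prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0UL, 0UL, 0UL) == 0
               ? 0 : -errno;
}

/* Withdraw the declaration once the debugger has attached; 0 or -errno. */
int yama_clear_ptracer(void)
{
    return prctl(PR_SET_PTRACER, 0UL, 0UL, 0UL, 0UL) == 0 ? 0 : -errno;
}

int main(void)
{
    int rc = yama_allow_any_ptracer();
    printf("ptrace_scope=%d allow_any=%d\n",
           yama_scope("/proc/sys/kernel/yama/ptrace_scope"), rc);
    /* A crash handler would wait here for its debugger to attach. */
    return (rc == 0 && yama_clear_ptracer() == 0) ? 0 : 1;
}
```

Keeping the PR_SET_PTRACER_ANY window short matters because, while it is open, the per-process Yama restriction no longer limits which otherwise allowed process may attach.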