projects / cascardo / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3a6174a) | patch
CHROMIUM: security: Yama: add link restrictions
authorKees Cook <keescook@chromium.org>
Wed, 30 Nov 2011 22:20:13 +0000 (14:20 -0800)
committerGrant Grundler <grundler@google.com>
Thu, 24 May 2012 22:16:44 +0000 (15:16 -0700)
commit4630b09f9d362feda0448340a142714ab4ac80aa
treee6421ca48522d26034bdac25b8d8f89fa6bb4f98tree | snapshot
parent3a6174a859a0349a13cbd57ec75ac1c4181a16cecommit | diff
CHROMIUM: security: Yama: add link restrictions

Add symlink and hardlink restrictions that have shown real-world security
benefits, along with sysctl knobs to control them.

BUG=chromium-os:22137
TEST=x86-alex build, boot, suite_Smoke passes, logging_UserCrash passes,
 security_SymlinkRestrictions, security_HardlinkRestrictions,
 security_ptraceRestriction.

Change-Id: I983e711f2f7c74b2f30d632b9fea4761637523e9
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/12407
Reviewed-by: Olof Johansson <olofj@chromium.org>
[ 3.4-rc5: added many #include to fix missing types --grundler]
Documentation/security/Yama.txt diff | blob | history
include/linux/pid_namespace.h diff | blob | history
include/linux/security.h diff | blob | history
kernel/pid.c diff | blob | history
kernel/pid_namespace.c diff | blob | history
security/security.c diff | blob | history
security/yama/Kconfig diff | blob | history
security/yama/yama_lsm.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.