mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-10 15:58:47 +00:00
aeca4e2ca6
SafeSetID gates the setid family of syscalls to restrict UID/GID
transitions from a given UID/GID to only those approved by a
system-wide whitelist. These restrictions also prohibit the given
UIDs/GIDs from obtaining auxiliary privileges associated with
CAP_SET{U/G}ID, such as allowing a user to set up user namespace UID
mappings. For now, only gating the set*uid family of syscalls is
supported, with support for set*gid coming in a future patch set.
Signed-off-by: Micah Morton <mortonm@chromium.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <james.morris@microsoft.com>
13 lines
615 B
Plaintext
13 lines
615 B
Plaintext
config SECURITY_SAFESETID
|
|
bool "Gate setid transitions to limit CAP_SET{U/G}ID capabilities"
|
|
default n
|
|
help
|
|
SafeSetID is an LSM module that gates the setid family of syscalls to
|
|
restrict UID/GID transitions from a given UID/GID to only those
|
|
approved by a system-wide whitelist. These restrictions also prohibit
|
|
the given UIDs/GIDs from obtaining auxiliary privileges associated
|
|
with CAP_SET{U/G}ID, such as allowing a user to set up user namespace
|
|
UID mappings.
|
|
|
|
If you are unsure how to answer this question, answer N.
|