]> git.kernelconcepts.de Git - karo-tx-linux.git/commit
projects / karo-tx-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0af04ba) | patch
samples/seccomp: Enable PR_SET_NO_NEW_PRIVS in dropper
authorRicky Zhou <rickyz@chromium.org>
Thu, 13 Oct 2016 17:34:08 +0000 (10:34 -0700)
committerKees Cook <keescook@chromium.org>
Tue, 1 Nov 2016 15:58:10 +0000 (08:58 -0700)
commit1ff120504f8c322a03fbce035d99e29e741da725
tree08c14543552cc15c4bd918ea0bd062483b6cfedatree | snapshot
parent0af04ba5640dd6318f117a9fcbfde886516a0220commit | diff
samples/seccomp: Enable PR_SET_NO_NEW_PRIVS in dropper

Either CAP_SYS_ADMIN or PR_SET_NO_NEW_PRIVS is required to enable
seccomp. This allows samples/seccomp/dropper to be run without
CAP_SYS_ADMIN.

Signed-off-by: Ricky Zhou <rickyz@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
samples/seccomp/dropper.c diff | blob | history
Linux kernel for KaRo TX COM modules