]> git.ipfire.org Git - thirdparty/systemd.git/commit - src/test/test-execute.c
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 06fb28b) | patch
core: set NoNewPrivileges for seccomp if we don't have CAP_SYS_ADMIN
authorRonny Chevalier <chevalier.ronny@gmail.com>
Sat, 30 Jan 2016 16:26:39 +0000 (17:26 +0100)
committerRonny Chevalier <chevalier.ronny@gmail.com>
Sun, 28 Feb 2016 13:44:26 +0000 (14:44 +0100)
commit19c0b0b9a5039b842cf9e6c3e7ece75fb8725602
tree0414f22ec6d435c0d23457280b067e4b897d8186tree | snapshot
parent06fb28b16eb4b6170c2e2c0cf1f673730309509bcommit | diff
core: set NoNewPrivileges for seccomp if we don't have CAP_SYS_ADMIN

The manpage of seccomp specify that using seccomp with
SECCOMP_SET_MODE_FILTER will return EACCES if the caller do not have
CAP_SYS_ADMIN set, or if the no_new_privileges bit is not set. Hence,
without NoNewPrivilege set, it is impossible to use a SystemCall*
directive with a User directive set in system mode.

Now, NoNewPrivileges is set if we are in user mode, or if we are in
system mode and we don't have CAP_SYS_ADMIN, and SystemCall*
directives are used.
Makefile.am diff | blob | blame | history
man/systemd.exec.xml diff | blob | blame | history
src/core/execute.c diff | blob | blame | history
src/test/test-execute.c diff | blob | blame | history
test/test-execute/exec-systemcallfilter-system-user.service [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.