Demo/Linux_Drivers
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
76e5db15c8a919e8015bbd80a878647dba69b66f
Linux_Drivers/linux_5.10/security/safesetid/Kconfig
sam.xiang 5c7dd7acc3 [linux] create linux_5.10.4 from T-head official: 
repo: https://github.com/T-head-Semi/linux
	commit: b1313fe517ca3703119dcc99ef3bbf75ab42bcfb

Change-Id: I6cbb35294024ea3a66140e311f4bb705fd7fd626
2023-03-10 20:32:41 +08:00

16 lines
709 B
Plaintext
Raw Blame History

# SPDX-License-Identifier: GPL-2.0-only
config SECURITY_SAFESETID
bool "Gate setid transitions to limit CAP_SET{U/G}ID capabilities"
depends on SECURITY
select SECURITYFS
default n
help
SafeSetID is an LSM module that gates the setid family of syscalls to
restrict UID/GID transitions from a given UID/GID to only those
approved by a system-wide whitelist. These restrictions also prohibit
the given UIDs/GIDs from obtaining auxiliary privileges associated
with CAP_SET{U/G}ID, such as allowing a user to set up user namespace
UID mappings.
If you are unsure how to answer this question, answer N.
Reference in New Issue View Git Blame Copy Permalink