5294bac97e
The SafeSetID LSM has functionality for restricting setuid() calls based on its configured security policies. This patch adds the analogous functionality for setgid() calls. This is mostly a copy-and-paste change with some code deduplication, plus slight modifications/name changes to the policy-rule-related structs (now contain GID rules in addition to the UID ones) and some type generalization since SafeSetID now needs to deal with kgid_t and kuid_t types. Signed-off-by: Thomas Cedeno <thomascedeno@google.com> Signed-off-by: Micah Morton <mortonm@chromium.org> |
||
|---|---|---|
| .. | ||
| LoadPin.rst | ||
| SELinux.rst | ||
| SafeSetID.rst | ||
| Smack.rst | ||
| Yama.rst | ||
| apparmor.rst | ||
| index.rst | ||
| tomoyo.rst | ||