security: Yama LSM
This adds the Yama Linux Security Module to collect DAC security improvements (specifically just ptrace restrictions for now) that have existed in various forms over the years and have been carried outside the mainline kernel by other Linux distributions like Openwall and grsecurity. Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Kees Cook
James Morris
parent
1a2a4d06e1
commit
2d514487fa
8 changed files with 411 additions and 0 deletions
|
|
@ -114,4 +114,10 @@
|
|||
# define PR_SET_MM_START_BRK 6
|
||||
# define PR_SET_MM_BRK 7
|
||||
|
||||
/*
|
||||
* Set specific pid that is allowed to ptrace the current task.
|
||||
* A value of 0 mean "no process".
|
||||
*/
|
||||
#define PR_SET_PTRACER 0x59616d61
|
||||
|
||||
#endif /* _LINUX_PRCTL_H */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue