Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS
authorJohn Johansen <john.johansen@canonical.com>
Thu, 12 Apr 2012 21:47:51 +0000 (16:47 -0500)
committerJames Morris <james.l.morris@oracle.com>
Sat, 14 Apr 2012 01:13:18 +0000 (11:13 +1000)
commitc29bceb3967398cf2ac8bf8edf9634fdb722df7d
tree9feaa5a8b78812e48fa9b4e9b8b939f06390bee8
parent259e5e6c75a910f3b5e656151dc602f53f9d7548
Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS

Add support for AppArmor to explicitly fail requested domain transitions
if NO_NEW_PRIVS is set and the task is not unconfined.

Transitions from unconfined are still allowed because this always results
in a reduction of privileges.

Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Will Drewry <wad@chromium.org>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>

v18: new acked-by, new description
Signed-off-by: James Morris <james.l.morris@oracle.com>
security/apparmor/domain.c