commit | f552b8f7403bf535832e703641e8fcee6adf6630 | [log] [tgz] |
---|---|---|
author | Andrew G. Morgan <morgan@kernel.org> | Sat Dec 26 21:42:15 2020 -0800 |
committer | Andrew G. Morgan <morgan@kernel.org> | Sat Dec 26 21:42:15 2020 -0800 |
tree | 81e72e28a0d178f63230a0be600bd4c7c67ebcbf | |
parent | 0f0c1fe489ec0ca69891a7999f5bda1c91e02f92 [diff] |
Augment NOPRIV libcap mode with the sticky NO_NEW_PRIVS prctl bit. Since I last visited securebits no privs mode, a new prctl bit has been added (it isn't a securebit, but a parallel implementation of something similar). So, layer that bit on top of NOPRIV mode. Signed-off-by: Andrew G. Morgan <morgan@kernel.org>