diff options
| author | Cyrill Gorcunov <[email protected]> | 2012-03-15 15:17:10 -0700 |
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2012-03-15 17:03:03 -0700 |
| commit | 79f0713d403c800db9d89134e2fd7f846e68d6ee (patch) | |
| tree | 0c59c69742d70080f08d3c42febdf51b8db236ad /net/lapb/lapb_timer.c | |
| parent | 9bbad7da76b3dd578fb55c862624366a8c9ccd22 (diff) | |
prctl: use CAP_SYS_RESOURCE for PR_SET_MM option
CAP_SYS_ADMIN is already overloaded left and right, so to have more
fine-grained access control use CAP_SYS_RESOURCE here.
The CAP_SYS_RESOUCE is chosen because this prctl option allows a current
process to adjust some fields of memory map descriptor which rather
represents what the process owns: pointers to code, data, stack
segments, command line, auxiliary vector data and etc.
Suggested-by: Michael Kerrisk <[email protected]>
Acked-by: Kees Cook <[email protected]>
Acked-by: Michael Kerrisk <[email protected]>
Cc: Pavel Emelyanov <[email protected]>
Cc: Tejun Heo <[email protected]>
Cc: Oleg Nesterov <[email protected]>
Cc: Paul Bolle <[email protected]>
Cc: KOSAKI Motohiro <[email protected]>
Signed-off-by: Cyrill Gorcunov <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Diffstat (limited to 'net/lapb/lapb_timer.c')
0 files changed, 0 insertions, 0 deletions