aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorEdward Tomasz Napierala <trasz@FreeBSD.org>2021-07-01 08:11:11 +0000
committerEdward Tomasz Napierala <trasz@FreeBSD.org>2021-07-01 08:42:07 +0000
commitdb8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec (patch)
tree6b79578d1151497014969da1fda0b35f72c4c7db /lib
parent93c3453f11c9bc99ae482565b3a3f29b39ab8f62 (diff)
downloadsrc-db8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec.tar.gz
src-db8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec.zip
procctl(2): add PROC_NO_NEW_PRIVS_CTL, PROC_NO_NEW_PRIVS_STATUS
This introduces a new, per-process flag, "NO_NEW_PRIVS", which is inherited, preserved on exec, and cannot be cleared. The flag, when set, makes subsequent execs ignore any SUID and SGID bits, instead executing those binaries as if they not set. The main purpose of the flag is implementation of Linux PROC_SET_NO_NEW_PRIVS prctl(2), and possibly also unpriviledged chroot. Reviewed By: kib Sponsored By: EPSRC Differential Revision: https://reviews.freebsd.org/D30939
Diffstat (limited to 'lib')
-rw-r--r--lib/libc/sys/procctl.227
1 files changed, 26 insertions, 1 deletions
diff --git a/lib/libc/sys/procctl.2 b/lib/libc/sys/procctl.2
index f85825d8cc6f..432ed5919a81 100644
--- a/lib/libc/sys/procctl.2
+++ b/lib/libc/sys/procctl.2
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd June 13, 2020
+.Dd July 1, 2021
.Dt PROCCTL 2
.Os
.Sh NAME
@@ -564,6 +564,31 @@ Stack gaps are enabled in the process after
Stack gaps are disabled in the process after
.Xr execve 2 .
.El
+.It Dv PROC_NO_NEW_PRIVS_CTL
+Allows one to ignore the SUID and SGID bits on the program
+images activated by
+.Xr execve 2
+in the specified process and its future descendants.
+The
+.Fa data
+parameter must point to the integer variable holding the following
+value:
+.Bl -tag -width PROC_NO_NEW_PRIVS_ENABLE
+.It Dv PROC_NO_NEW_PRIVS_ENABLE
+Request SUID and SGID bits to be ignored.
+.El
+.Pp
+It is not possible to disable it once it has been enabled.
+.It Dv PROC_NO_NEW_PRIVS_STATUS
+Returns the current status of SUID/SGID enablement for the target process.
+The
+.Fa data
+parameter must point to the integer variable, where one of the
+following values is written:
+.Bl -tag -width PROC_NO_NEW_PRIVS_DISABLE
+.It Dv PROC_NO_NEW_PRIVS_ENABLE
+.It Dv PROC_NO_NEW_PRIVS_DISABLE
+.El
.El
.Sh x86 MACHINE-SPECIFIC REQUESTS
.Bl -tag -width PROC_KPTI_STATUS