diff options
| author | Edward Tomasz Napierala <trasz@FreeBSD.org> | 2021-07-01 08:11:11 +0000 |
|---|---|---|
| committer | Edward Tomasz Napierala <trasz@FreeBSD.org> | 2021-07-01 08:42:07 +0000 |
| commit | db8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec (patch) | |
| tree | 6b79578d1151497014969da1fda0b35f72c4c7db /sys/sys/proc.h | |
| parent | 93c3453f11c9bc99ae482565b3a3f29b39ab8f62 (diff) | |
| download | src-db8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec.tar.gz src-db8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec.zip | |
procctl(2): add PROC_NO_NEW_PRIVS_CTL, PROC_NO_NEW_PRIVS_STATUS
This introduces a new, per-process flag, "NO_NEW_PRIVS", which
is inherited, preserved on exec, and cannot be cleared. The flag,
when set, makes subsequent execs ignore any SUID and SGID bits,
instead executing those binaries as if they not set.
The main purpose of the flag is implementation of Linux
PROC_SET_NO_NEW_PRIVS prctl(2), and possibly also unpriviledged
chroot.
Reviewed By: kib
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D30939
Diffstat (limited to 'sys/sys/proc.h')
| -rw-r--r-- | sys/sys/proc.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/sys/proc.h b/sys/sys/proc.h index 19e8d76c6f99..9813324bfa69 100644 --- a/sys/sys/proc.h +++ b/sys/sys/proc.h @@ -835,6 +835,7 @@ struct proc { after exec */ #define P2_ITSTOPPED 0x00002000 #define P2_PTRACEREQ 0x00004000 /* Active ptrace req */ +#define P2_NO_NEW_PRIVS 0x00008000 /* Ignore setuid */ /* Flags protected by proctree_lock, kept in p_treeflags. */ #define P_TREE_ORPHANED 0x00000001 /* Reparented, on orphan list */ |