Skip to content
Commit 5294bac9 authored by Thomas Cedeno's avatar Thomas Cedeno Committed by Micah Morton
Browse files

LSM: SafeSetID: Add GID security policy handling 



The SafeSetID LSM has functionality for restricting setuid() calls based
on its configured security policies. This patch adds the analogous
functionality for setgid() calls. This is mostly a copy-and-paste change
with some code deduplication, plus slight modifications/name changes to
the policy-rule-related structs (now contain GID rules in addition to
the UID ones) and some type generalization since SafeSetID now needs to
deal with kgid_t and kuid_t types.

Signed-off-by: default avatarThomas Cedeno <thomascedeno@google.com>
Signed-off-by: default avatarMicah Morton <mortonm@chromium.org>
parent 111767c1
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment