git: kernel - Add per-process capability-based restrictions (4)
Matthew Dillon
dillon at crater.dragonflybsd.org
Mon Oct 16 15:15:14 PDT 2023
commit a44776b2e76cf2f7785c07410679a378246889bc
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Mon Oct 16 15:13:49 2023 -0700
kernel - Add per-process capability-based restrictions (4)
* Add __SYSCAP_NOROOTTEST for /dev/mem and /dev/kmem, allowing
non-root users access when run via suid or sgid programs. Fixes
top.
* Will still disallow access inside a jail or via RESTRICTEDROOT,
as intended.
Summary of changes:
sys/kern/kern_caps.c | 7 +++++--
sys/kern/kern_memio.c | 6 ++++--
sys/sys/caps.h | 1 +
3 files changed, 10 insertions(+), 4 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a44776b2e76cf2f7785c07410679a378246889bc
--
DragonFly BSD source repository
More information about the Commits
mailing list