diff options
author | Eric Paris <eparis@redhat.com> | 2012-01-03 12:25:15 -0500 |
---|---|---|
committer | Eric Paris <eparis@redhat.com> | 2012-01-05 18:52:54 -0500 |
commit | c7eba4a97563fd8b431787f7ad623444f2da80c6 (patch) | |
tree | 12041949c45c2f394d6a96041c39e07ad6df720b /security/security.c | |
parent | b7e724d303b684655e4ca3dabd5a6840ad19012d (diff) |
capabilities: introduce security_capable_noaudit
Exactly like security_capable except don't audit any denials. This is for
places where the kernel may make decisions about what to do if a task has a
given capability, but which failing that capability is not a sign of a
security policy violation. An example is checking if a task has
CAP_SYS_ADMIN to lower it's likelyhood of being killed by the oom killer.
This check is not a security violation if it is denied.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Diffstat (limited to 'security/security.c')
-rw-r--r-- | security/security.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c index b9e57f4fc44a..b7edaae77d1d 100644 --- a/security/security.c +++ b/security/security.c | |||
@@ -160,6 +160,12 @@ int security_capable(const struct cred *cred, struct user_namespace *ns, | |||
160 | return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); | 160 | return security_ops->capable(cred, ns, cap, SECURITY_CAP_AUDIT); |
161 | } | 161 | } |
162 | 162 | ||
163 | int security_capable_noaudit(const struct cred *cred, struct user_namespace *ns, | ||
164 | int cap) | ||
165 | { | ||
166 | return security_ops->capable(cred, ns, cap, SECURITY_CAP_NOAUDIT); | ||
167 | } | ||
168 | |||
163 | int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, | 169 | int security_real_capable(struct task_struct *tsk, struct user_namespace *ns, |
164 | int cap) | 170 | int cap) |
165 | { | 171 | { |