Diffstat (limited to 'init/Kconfig')
| -rw-r--r-- | init/Kconfig | 14 |
1 files changed, 14 insertions, 0 deletions
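--- a/init/Kconfig
+++ b/init/Kconfig
@@ -372,6 +372,20 @@ config AUDIT_TREE
 depends on AUDITSYSCALL
 select FSNOTIFY
 
+config AUDIT_LOGINUID_IMMUTABLE
+bool "Make audit loginuid immutable"
+depends on AUDIT
+help
+The config option toggles if a task setting it's loginuid requires
+CAP_SYS_AUDITCONTROL or if that task should require no special permissions
+but should instead only allow setting its loginuid if it was never
+previously set. On systems which use systemd or a similar central
+process to restart login services this should be set to true. On older
+systems in which an admin would typically have to directly stop and
+start processes this should be set to false. Setting this to true allows
+one to drop potentially dangerous capabilites from the login tasks,
+but may not be backwards compatible with older init systems.
+
 source "kernel/irq/Kconfig"
 
 menu "RCU Subsystem"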
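Review bot: The help text of the new AUDIT_LOGINUID_IMMUTABLE entry names `CAP_SYS_AUDITCONTROL`, which is not a capability name; the audit control capability is `CAP_AUDIT_CONTROL`, and an administrator deciding which capabilities to drop from login services needs the exact identifier. The same paragraph has `it's loginuid` where `its loginuid` is meant and `capabilites` for `capabilities`. The help would also be easier to act on if it stated the audit-integrity property directly, along the lines of `If set, a task may set its loginuid only once, without needing any capability, and cannot change it afterwards.`, though that wording should be confirmed against the enforcing code, which is outside this file section. The entry carries no `default` line, so builds that do not set it keep the capability-based behaviour; saying so in the help text would make the compatibility trade-off explicit.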
