Revert "proc: smaps: Allow smaps access for CAP_SYS_RESOURCE" - xavi/android_kernel_m2note - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Daniel Mentz <danielmentz@google.com>	2017-07-07 12:02:15 -0700
committer	Mister Oyster <oysterized@gmail.com>	2017-07-11 13:47:08 +0200
commit	8eb6031c4e2f12719983a5b8c42499e799263d00 (patch)
tree	2c9a31ab6fac532fc0ba1e7254123eb3d1abd18e /include/linux/debugobjects.h
parent	a66b6e388a3d55080414862d1b6920d4d2fca4ca (diff)

Revert "proc: smaps: Allow smaps access for CAP_SYS_RESOURCE"

This reverts commit d590b5b6953304edb000de90335a3b4838b2482c. This fixes CVE-2017-0710. SELinux allows more fine grained control: We grant processes that need access to smaps CAP_SYS_PTRACE but prohibit them from using ptrace attach(). Bug: 34951864 Bug: 36468447 Change-Id: I081033cf8fd7058b41cb464200b544e24651372d Signed-off-by: Daniel Mentz <danielmentz@google.com>

Diffstat (limited to 'include/linux/debugobjects.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: