git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/commit

]> git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/commit

projects / mirror_ubuntu-zesty-kernel.git / commit

author	John Johansen <john.johansen@canonical.com>
	Sat, 31 Dec 2016 11:55:30 +0000 (03:55 -0800)
committer	Tim Gardner <tim.gardner@canonical.com>
	Mon, 20 Feb 2017 03:57:58 +0000 (20:57 -0700)
commit	7a29e15b412487309284c671342b6df11c8305b2
tree	7cd25690eee908f82ad8099ec4f7b10ed2fb9481	tree
parent	21c9d3b055706c4b0240e2b9ad88629878e46c83	commit \| diff

UBUNTU: SAUCE: apparmor: Fix no_new_privs blocking change_onexec when using stacked namespaces

Push the no_new_privs logic into the per profile transition fns, so
that the no_new_privs check can be done at the ns level instead of the
aggregate stack level.

BugLink: http://bugs.launchpad.net/bugs/1648143
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>

security/apparmor/domain.c

diff | blob | blame | history

ubuntu-zesty-kernel mirror

RSS Atom