Searched refs:securebits (Results 1 – 8 of 8) sorted by relevance
9 ``SECBIT_EXEC_RESTRICT_FILE`` and ``SECBIT_EXEC_DENY_INTERACTIVE`` securebits14 Whether an interpreter should check these securebits or not depends on the19 enlighten to use these securebits and let users define their security policy.25 ``AT_EXECVE_CHECK`` without checking the related securebits if backward28 for script interpreters and dynamic linkers to check the securebits at run time76 securebits but without relying on any other user-controlled configuration.77 Indeed, the use case for these securebits is to only trust executable code82 environment variables as long as it is not a way to disable the securebits103 of any exec securebits:
23 #include <linux/securebits.h>984 new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS); in cap_bprm_creds_from_file() 1326 if ((((old->securebits & SECURE_ALL_LOCKS) >> 1) in cap_task_prctl() 1327 & (old->securebits ^ arg2)) /*[1]*/ in cap_task_prctl() 1328 || ((old->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/ in cap_task_prctl() 1351 const unsigned long changed = old->securebits ^ arg2; in cap_task_prctl() 1365 new->securebits = arg2; in cap_task_prctl() 1369 return old->securebits; in cap_task_prctl() 1384 new->securebits |= issecure_mask(SECURE_KEEP_CAPS); in cap_task_prctl() 1386 new->securebits in cap_task_prctl() [all...]
7 #define issecure(X) (issecure_mask(X) & current_cred_xxx(securebits))
121 unsigned securebits; /* SUID-less security management */ member
150 3. 安全管理标记(securebits)
941 new->securebits = old->securebits; in key_change_session_keyring()
54 .securebits = SECUREBITS_DEFAULT,
173 3. Secure management flags (securebits).