Searched refs:securebits (Results 1 – 8 of 8) sorted by relevance
9 ``SECBIT_EXEC_RESTRICT_FILE`` and ``SECBIT_EXEC_DENY_INTERACTIVE`` securebits14 Whether an interpreter should check these securebits or not depends on the19 enlighten to use these securebits and let users define their security policy.25 ``AT_EXECVE_CHECK`` without checking the related securebits if backward28 for script interpreters and dynamic linkers to check the securebits at run time76 securebits but without relying on any other user-controlled configuration.77 Indeed, the use case for these securebits is to only trust executable code82 environment variables as long as it is not a way to disable the securebits103 of any exec securebits:
994 new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS); in cap_bprm_creds_from_file()1336 if ((((old->securebits & SECURE_ALL_LOCKS) >> 1) in cap_task_prctl()1337 & (old->securebits ^ arg2)) /*[1]*/ in cap_task_prctl()1338 || ((old->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/ in cap_task_prctl()1361 const unsigned long changed = old->securebits ^ arg2; in cap_task_prctl()1375 new->securebits = arg2; in cap_task_prctl()1379 return old->securebits; in cap_task_prctl()1394 new->securebits |= issecure_mask(SECURE_KEEP_CAPS); in cap_task_prctl()1396 new->securebits &= ~issecure_mask(SECURE_KEEP_CAPS); in cap_task_prctl()
7 #define issecure(X) (issecure_mask(X) & current_cred_xxx(securebits))
123 unsigned securebits; /* SUID-less security management */ member
150 3. 安全管理标记(securebits)
941 new->securebits = old->securebits; in key_change_session_keyring()
49 cred->securebits = SECUREBITS_DEFAULT; in set_cred_user_ns()
173 3. Secure management flags (securebits).