| /linux/Documentation/userspace-api/ |
| H A D | no_new_privs.rst | 15 - chroot is disallowed to unprivileged processes, since it would allow
53 available to an unprivileged user. If everything running with a
60 available to unprivileged tasks if ``no_new_privs`` is set. In principle,
|
| /linux/tools/bpf/bpftool/Documentation/ |
| H A D | bpftool-feature.rst | 26 | **bpftool** **feature probe** [*COMPONENT*] [**full**] [**unprivileged**] [**macros** [**prefix**…
54 When the **unprivileged** keyword is used, bpftool will dump only the
58 MUST use the **unprivileged** keyword: This is to avoid misdetection if
|
| /linux/tools/testing/selftests/mount/ |
| H A D | run_unprivileged_remount.sh | 8 ./unprivileged-remount-test ;
|
| H A D | .gitignore | 2 unprivileged-remount-test
|
| H A D | Makefile | 7 TEST_GEN_FILES := unprivileged-remount-test nosymfollow-test
|
| /linux/Documentation/admin-guide/ |
| H A D | perf-security.rst | 54 ID is 0, referred to as superuser or root), and b) unprivileged
67 files of unprivileged users.
87 Prior Linux v5.9 unprivileged processes using perf_events system call
90 So unprivileged processes provided with CAP_SYS_PTRACE capability are
96 Other capabilities being granted to unprivileged processes can
226 perf_events *scope* and *access* control for unprivileged processes
243 imposed but ignored for unprivileged processes with CAP_IPC_LOCK
252 unprivileged processes with CAP_IPC_LOCK capability.
259 unprivileged processes with CAP_IPC_LOCK capability.
|
| /linux/Documentation/filesystems/fuse/ |
| H A D | fuse-passthrough.rst | 73 This behavior leads to two main issues for unprivileged FUSE daemons:
85 (``RLIMIT_NOFILE``). If an unprivileged daemon could register backing files
102 filesystem stacking scenarios if unprivileged users could set up passthrough.
|
| H A D | fuse.rst | 312 an unprivileged user - normally restricted from mounting with
316 processes in user namespaces where they're unprivileged. For this
379 Since we are talking about unprivileged userspace programs,
|
| /linux/arch/arm/boot/dts/xen/ |
| H A D | xenvm-4.2.dts | 3 * Xen Virtual Machine for unprivileged guests
|
| /linux/Documentation/driver-api/early-userspace/ |
| H A D | early_userspace_support.rst | 44 built by an unprivileged user.
65 Because device-special files cannot be created by a unprivileged user,
68 early userspace image can be built by an unprivileged user.
|
| /linux/Documentation/arch/riscv/ |
| H A D | cmodx.rst | 10 program must enforce its own synchronization with the unprivileged fence.i
45 Though fence.i is an unprivileged instruction, the default Linux ABI prohibits
|
| H A D | uabi.rst | 32 after standard unprivileged extensions. If multiple supervisor-level
|
| /linux/arch/powerpc/kvm/ |
| H A D | book3s_emulate.c | 685 goto unprivileged; in kvmppc_core_emulate_mtspr_pr()
844 unprivileged: in kvmppc_core_emulate_mtspr_pr()
885 goto unprivileged; in kvmppc_core_emulate_mfspr_pr()
1013 unprivileged: in kvmppc_core_emulate_mfspr_pr()
|
| /linux/Documentation/security/ |
| H A D | landlock.rst | 14 including unprivileged ones. Because such a process may be compromised or
19 Landlock is designed to be usable by unprivileged processes while following the
|
| H A D | self-protection.rst | 13 In the worst-case scenario, we assume an unprivileged local attacker
119 restricted to the more regular set of normally available to unprivileged
125 The kernel should never allow an unprivileged user the ability to
131 unprivileged socket API is nonsense: only the root or physically local
|
| /linux/Documentation/ABI/testing/ |
| H A D | sysfs-class-chromeos-driver-cros-ec-lightbar | 15 and other system hardware. To prevent unprivileged users
|
| H A D | sysfs-class-rtc | 36 (RW) The maximum interrupt rate an unprivileged user may request
|
| /linux/Documentation/infiniband/ |
| H A D | user_verbs.rst | 55 unprivileged processes do not exceed their RLIMIT_MEMLOCK limit.
|
| /linux/Documentation/admin-guide/hw-vuln/ |
| H A D | gather_data_sampling.rst | 6 Gather Data Sampling is a hardware vulnerability which allows unprivileged
|
| H A D | tsx_async_abort.rst | 6 TAA is a hardware vulnerability that allows unprivileged speculative access to
72 Attacks against the TAA vulnerability can be implemented from unprivileged
|
| H A D | special-register-buffer-data-sampling.rst | 58 An unprivileged user can extract values returned from RDRAND and RDSEED
|
| /linux/security/ |
| H A D | Kconfig | 11 bool "Restrict unprivileged access to the kernel syslog"
14 This enforces restrictions on unprivileged users reading the kernel
|
| /linux/Documentation/block/ |
| H A D | ublk.rst | 150 permission check, and this command is added for supporting unprivileged
161 unprivileged application needs to query devices the current user owns,
233 Once the flag is set, all control commands can be sent by unprivileged
|
| /linux/Documentation/admin-guide/sysctl/ |
| H A D | net.rst | 104 - 1 - enable JIT hardening for unprivileged users only
128 compiler in order to reject unprivileged JIT requests once it has
244 packet contents. If disabled, transmit timestamp requests from unprivileged
|
| H A D | kernel.rst | 256 This toggle indicates whether unprivileged users are prevented
505 -EPERM) for unprivileged processes not in the io_uring_group group.
583 unprivileged users.
589 if leaking kernel pointer values to unprivileged users is a concern.
991 Controls use of the performance events system by unprivileged
1481 systems, large numbers of split locks from unprivileged users can result in
1659 Writing 1 to this entry will disable unprivileged calls to ``bpf()``;
1664 Writing 2 to this entry will also disable unprivileged calls to ``bpf()``,
|