[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/2] virtiofsd: drop Linux capabilities(7)
From: |
Stefan Hajnoczi |
Subject: |
[PATCH 0/2] virtiofsd: drop Linux capabilities(7) |
Date: |
Thu, 16 Apr 2020 17:49:05 +0100 |
virtiofsd doesn't need of all Linux capabilities(7) available to root. Keep a
whitelisted set of capabilities that we require. This improves security in
case virtiofsd is compromised by making it hard for an attacker to gain further
access to the system.
Stefan Hajnoczi (2):
virtiofsd: only retain file system capabilities
virtiofsd: drop all capabilities in the wait parent process
tools/virtiofsd/passthrough_ll.c | 51 ++++++++++++++++++++++++++++++++
1 file changed, 51 insertions(+)
--
2.25.1
- [PATCH 0/2] virtiofsd: drop Linux capabilities(7),
Stefan Hajnoczi <=