[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/2] virtiofsd: drop Linux capabilities(7)
From: |
Dr. David Alan Gilbert |
Subject: |
Re: [PATCH 0/2] virtiofsd: drop Linux capabilities(7) |
Date: |
Fri, 1 May 2020 19:28:57 +0100 |
User-agent: |
Mutt/1.13.4 (2020-02-15) |
* Stefan Hajnoczi (address@hidden) wrote:
> virtiofsd doesn't need of all Linux capabilities(7) available to root. Keep a
> whitelisted set of capabilities that we require. This improves security in
> case virtiofsd is compromised by making it hard for an attacker to gain
> further
> access to the system.
Queued.
> Stefan Hajnoczi (2):
> virtiofsd: only retain file system capabilities
> virtiofsd: drop all capabilities in the wait parent process
>
> tools/virtiofsd/passthrough_ll.c | 51 ++++++++++++++++++++++++++++++++
> 1 file changed, 51 insertions(+)
>
> --
> 2.25.1
>
--
Dr. David Alan Gilbert / address@hidden / Manchester, UK
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH 0/2] virtiofsd: drop Linux capabilities(7),
Dr. David Alan Gilbert <=