alistair23-linux/security/apparmor
Jeff Mahoney ff118479a7 apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task
While using AppArmor, SYS_CAP_RESOURCE is insufficient to call prlimit
on another task. The only other example of a AppArmor mediating access to
another, already running, task (ignoring fork+exec) is ptrace.

The AppArmor model for ptrace is that one of the following must be true:
1) The tracer is unconfined
2) The tracer is in complain mode
3) The tracer and tracee are confined by the same profile
4) The tracer is confined but has SYS_CAP_PTRACE

1), 2, and 3) are already true for setrlimit.

We can match the ptrace model just by allowing CAP_SYS_RESOURCE.

We still test the values of the rlimit since it can always be overridden
using a value that means unlimited for a particular resource.

Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2016-07-12 08:43:10 -07:00
..
include apparmor: add parameter to control whether policy hashing is used 2016-07-12 08:43:10 -07:00
.gitignore AppArmor: remove af_names.h from .gitignore 2012-09-01 08:35:34 -07:00
apparmorfs.c apparmor: use list_next_entry instead of list_entry_next 2016-07-12 08:43:10 -07:00
audit.c apparmor: fix uninitialized lsm_audit member 2016-07-12 08:43:10 -07:00
capability.c apparmor: fix capability to not use the current task, during reporting 2013-10-29 21:33:37 -07:00
context.c apparmor: change how profile replacement update is done 2013-08-14 11:42:06 -07:00
crypto.c apparmor: Use shash crypto API interface for profile hashes 2013-09-30 09:53:59 +10:00
domain.c apparmor: ensure the target profile name is always audited 2016-07-12 08:43:10 -07:00
file.c apparmor: fix uninitialized lsm_audit member 2016-07-12 08:43:10 -07:00
ipc.c apparmor: fix capability to not use the current task, during reporting 2013-10-29 21:33:37 -07:00
Kconfig apparmor: add parameter to control whether policy hashing is used 2016-07-12 08:43:10 -07:00
lib.c nick kvfree() from apparmor 2014-05-06 14:02:53 -04:00
lsm.c apparmor: add parameter to control whether policy hashing is used 2016-07-12 08:43:10 -07:00
Makefile apparmor: add the ability to report a sha1 hash of loaded policy 2013-08-14 11:42:08 -07:00
match.c apparmor: reserve and mask off the top 8 bits of the base field 2013-04-28 00:37:32 -07:00
path.c apparmor: internal paths should be treated as disconnected 2016-07-12 08:43:10 -07:00
policy.c apparmor: fix refcount race when finding a child profile 2016-07-12 08:43:10 -07:00
policy_unpack.c apparmor: check that xindex is in trans_table bounds 2016-07-12 08:43:10 -07:00
procattr.c apparmor: add interface files for profiles and namespaces 2013-08-14 11:42:07 -07:00
resource.c apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task 2016-07-12 08:43:10 -07:00
sid.c AppArmor: core policy routines 2010-08-02 15:38:37 +10:00