Home
last modified time | relevance | path

Searched refs:CAP_SETUID (Results 1 – 14 of 14) sorted by relevance

/OK3568_Linux_fs/kernel/Documentation/admin-guide/LSM/
H A DSafeSetID.rst14 to switch to a different user must be spawned with CAP_SETUID privileges.
15 CAP_SETUID is granted to programs running as root or those running as a non-root
16 user that have been explicitly given the CAP_SETUID runtime capability. It is
25 since CAP_SETUID allows changing to any user on the system, including the root
35 other untrusted uids without full blown CAP_SETUID capabilities. The non-root
36 program would still need CAP_SETUID to do any kind of transition, but the
38 of CAP_SETUID since the non-root program cannot take advantage of CAP_SETUID to
41 services without having to give out CAP_SETUID all over the place just so that
45 basically-root-equivalent CAP_SETUID.
112 previously for CAP_SETUID. However, for compatibility with common sandboxing
/OK3568_Linux_fs/kernel/security/safesetid/
H A Dlsm.c96 if (cap != CAP_SETUID && cap != CAP_SETGID) in safesetid_security_capable()
114 case CAP_SETUID: in safesetid_security_capable()
/OK3568_Linux_fs/yocto/meta-openembedded/meta-webserver/recipes-httpd/hiawatha/files/
H A Dhiawatha.service13 …ingSet=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FSETID CAP_SETGID CAP_SETUID
/OK3568_Linux_fs/prebuilts/gcc/linux-x86/aarch64/gcc-arm-10.3-2021.07-x86_64-aarch64-none-linux-gnu/aarch64-none-linux-gnu/libc/usr/include/linux/
H A Dcapability.h155 #define CAP_SETUID 7 macro
/OK3568_Linux_fs/prebuilts/gcc/linux-x86/arm/gcc-arm-10.3-2021.07-x86_64-arm-none-linux-gnueabihf/arm-none-linux-gnueabihf/libc/usr/include/linux/
H A Dcapability.h155 #define CAP_SETUID 7 macro
/OK3568_Linux_fs/kernel/include/uapi/linux/
H A Dcapability.h157 #define CAP_SETUID 7 macro
/OK3568_Linux_fs/kernel/tools/testing/selftests/clone3/
H A Dclone3_cap_checkpoint_restore.c101 cap_value_t cap_values[] = { CAP_SETUID, CAP_SETGID }; in set_capability()
/OK3568_Linux_fs/kernel/security/keys/
H A Dpersistent.c149 !ns_capable(ns, CAP_SETUID)) in keyctl_get_persistent()
/OK3568_Linux_fs/kernel/tools/testing/selftests/safesetid/
H A Dsafesetid-test.c272 cap_value_t cap_values[] = {CAP_SETUID, CAP_SETGID}; in drop_caps()
/OK3568_Linux_fs/kernel/kernel/
H A Duser_namespace.c1100 return map_write(file, buf, size, ppos, CAP_SETUID, in proc_uid_map_write()
1145 if (cap_setid == CAP_SETUID && !verify_root_map(file, ns, new_map)) in new_idmap_permitted()
1154 if (cap_setid == CAP_SETUID) { in new_idmap_permitted()
H A Dsys.c538 !ns_capable_setid(old->user_ns, CAP_SETUID)) in __sys_setreuid()
547 !ns_capable_setid(old->user_ns, CAP_SETUID)) in __sys_setreuid()
606 if (ns_capable_setid(old->user_ns, CAP_SETUID)) { in __sys_setuid()
668 if (!ns_capable_setid(old->user_ns, CAP_SETUID)) { in __sys_setresuid()
840 ns_capable_setid(old->user_ns, CAP_SETUID)) { in __sys_setfsuid()
/OK3568_Linux_fs/kernel/net/core/
H A Dscm.c57 uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) && in scm_check_creds()
/OK3568_Linux_fs/kernel/security/
H A Dcommoncap.c867 if (!ns_capable(new->user_ns, CAP_SETUID) || in cap_bprm_creds_from_file()
/OK3568_Linux_fs/kernel/security/integrity/ima/
H A Dima_policy.c532 if (has_capability_noaudit(current, CAP_SETUID)) { in ima_match_rules()