Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform / minijail / c2c9bccd546e44aac8919352261fd6ac59f3855b
commitc2c9bccd546e44aac8919352261fd6ac59f3855b[log] [tgz]
authorJorge Lucangeli Obes <jorgelo@chromium.org>Tue May 01 09:30:24 2012 -0700
committerGerrit <chrome-bot@google.com>Wed May 02 08:11:17 2012 -0700
tree93a0a8076cf3f980784ddd90be084a0e212d6754
parent524c04005b26aa15b004ac55aceefdc654893e66 [diff]
Add API for PR_SET_NO_NEW_PRIVS and set seccomp filter before dropping root.

BUG=chromium-os:27878
TEST=minijail_unittest, syscall_filter_unittest
TEST=security_Minijail0
TEST=security_Minijail_seccomp

Change-Id: I78495fda8c14ca5b4f398806eb564b0756876735
Reviewed-on: https://gerrit.chromium.org/gerrit/21545
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Will Drewry <wad@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Commit-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org>
3 files changed
tree: 93a0a8076cf3f980784ddd90be084a0e212d6754
  1. test/
  2. bpf.c
  3. bpf.h
  4. inherit-review-settings-ok
  5. libminijail-private.h
  6. libminijail.c
  7. libminijail.h
  8. libminijail_unittest.c
  9. libminijailpreload.c
  10. libsyscalls.h
  11. LICENSE
  12. Makefile
  13. minijail0.1
  14. minijail0.5
  15. minijail0.c
  16. OWNERS
  17. syscall_filter.c
  18. syscall_filter.h
  19. syscall_filter_unittest.c
  20. test_harness.h
  21. WATCHLISTS