author | Topi Miettinen <toiwoton@gmail.com> | 2021-01-16 13:49:32 +0200 |
---|---|---|
committer | Topi Miettinen <topimiettinen@users.noreply.github.com> | 2021-01-29 12:40:52 +0000 |
commit | ddc155b2fd7807cda088c437dc836eebbcf79cea (patch) | |
tree | 512024b3042da520bffd77e1b7e0e64e0405df68 /src/core/execute.h | |
parent | 78dff3f3d72c62357543fe1716da3886cff54a10 (diff) | |
New directives NoExecPaths= ExecPaths=

Implement directives `NoExecPaths=` and `ExecPaths=` to control `MS_NOEXEC`
mount flag for the file system tree. This can be used to implement file system
W^X policies, and for example with allow-listing mode (NoExecPaths=/) a
compromised service would not be able to execute a shell, if that was not
explicitly allowed.

Example:

[Service]
NoExecPaths=/
ExecPaths=/usr/bin/daemon /usr/lib64 /usr/lib

Closes: #17942.

Diffstat (limited to 'src/core/execute.h')
-rw-r--r-- | src/core/execute.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/core/execute.h b/src/core/execute.h index f8231ba773..d615af5109 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -243,7 +243,7 @@ struct ExecContext { char *apparmor_profile; char *smack_process_label; - char **read_write_paths, **read_only_paths, **inaccessible_paths; + char **read_write_paths, **read_only_paths, **inaccessible_paths, **exec_paths, **no_exec_paths; unsigned long mount_flags; BindMount *bind_mounts; size_t n_bind_mounts; |
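
Review bot: The new `**exec_paths, **no_exec_paths` members of `struct ExecContext` are appended to the existing `read_write_paths` declaration with no comment, so nothing at the point of declaration says that they control `MS_NOEXEC` rather than access restrictions like their three neighbours, or which of the two takes precedence when one path lies beneath the other. Suggest putting them on their own line with a short comment, for example `char **exec_paths, **no_exec_paths; /* subtrees where MS_NOEXEC is cleared / set */`, which also keeps the declaration from growing to five pointers on one line. Since this view is limited to `src/core/execute.h`, it is also worth confirming in the rest of the commit that the two new string arrays are freed and dumped wherever `read_write_paths`, `read_only_paths` and `inaccessible_paths` are.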