seccomp: LockPersonality boolean (#6193)

Add LockPersonality boolean to allow locking down personality(2) system call so that the execution domain can't be changed. This may be useful to improve security because odd emulations may be poorly tested and source of vulnerabilities, while system services shouldn't need any weird personalities.
author: Topi Miettinen <toiwoton@gmail.com> 2017-07-04 15:48:18 +0300
committer: Lennart Poettering <lennart@poettering.net> 2017-08-29 15:54:50 +0200
commit: 78e864e5b3cc11b72ae663f49f42f158cafbfedf (patch)
tree: 85d0a246d06126e77b1a13c9c80ee99111f53c9c /src/shared/seccomp-util.h
parent: 54d564a2122acb364a2e3dc1c1562386b9ce3080 (diff)
download: systemd-78e864e5b3cc11b72ae663f49f42f158cafbfedf.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/shared/seccomp-util.h b/src/shared/seccomp-util.h
index 0edffa116d..ca43ba8659 100644
--- a/src/shared/seccomp-util.h
+++ b/src/shared/seccomp-util.h
@@ -78,6 +78,7 @@ int seccomp_protect_sysctl(void);
 int seccomp_restrict_address_families(Set *address_families, bool whitelist);
 int seccomp_restrict_realtime(void);
 int seccomp_memory_deny_write_execute(void);
+int seccomp_lock_personality(unsigned long personality);
 
 extern const uint32_t seccomp_local_archs[];
author	Topi Miettinen <toiwoton@gmail.com>	2017-07-04 15:48:18 +0300
committer	Lennart Poettering <lennart@poettering.net>	2017-08-29 15:54:50 +0200
commit	78e864e5b3cc11b72ae663f49f42f158cafbfedf (patch)
tree	85d0a246d06126e77b1a13c9c80ee99111f53c9c /src/shared/seccomp-util.h
parent	54d564a2122acb364a2e3dc1c1562386b9ce3080 (diff)
download	systemd-78e864e5b3cc11b72ae663f49f42f158cafbfedf.tar.gz