DL-Mirrors/kernel-tenderloin-3.0
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
256,867 Commits 9 Branches 0 Tags
ff2d366f21bf5ec2748e890fc15966932f5fd981
Commit Graph

3 Commits

Author SHA1 Message Date
JP Abgrall
0b893f0f37 netfilter: xt_qtaguid: add uid permission checks during ctrl/stats access 
* uid handling
 - Limit UID impersonation to processes with a gid in AID_NET_BW_ACCT.
   This affects socket tagging, and data removal.
 - Limit stats lookup to own uid or the process gid is in AID_NET_BW_STATS.
   This affects stats lookup.

* allow pacifying the module
  Setting passive to Y/y will make the module return immediately on
  external stimulus.
  No more stats and silent success on ctrl writes.
  Mainly used when one suspects this module of misbehaving.

Change-Id: I83990862d52a9b0922aca103a0f61375cddeb7c4
Signed-off-by: JP Abgrall <jpa@google.com>
 2011-07-21 18:04:46 -07:00
Chia-chi Yeh
622495a5ad security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable(). 
Signed-off-by: Chia-chi Yeh <chiachi@android.com>
 2011-06-14 09:09:14 -07:00
Robert Love
a7f1281e92 Add android_aid.h 
Add <linux/android_aid.h>, our mapping of AID defines to gid numbers.

Signed-off-by: Robert Love <rlove@google.com>
 2011-06-14 09:08:46 -07:00