projects / GitHub / LineageOS / android_kernel_samsung_universal7580.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6722dfa) | patch
kernel: Only expose su when daemon is running
authorTom Marshall <tdm.code@gmail.com>
Wed, 25 Jan 2017 17:01:03 +0000 (18:01 +0100)
committerDanny Wood <danwood76@gmail.com>
Fri, 30 Nov 2018 10:58:44 +0000 (10:58 +0000)
commit3f672f0abd22a68f37163133072c8a2b9d290b5f
tree2b133f988b29fc69efe6c9d9fcc1f11105aa9e23tree | snapshot (tar.gz zip)
parent6722dfadabb2b5c191ba94156629976f66190671commit | diff
kernel: Only expose su when daemon is running

It has been claimed that the PG implementation of 'su' has security
vulnerabilities even when disabled.  Unfortunately, the people that
find these vulnerabilities often like to keep them private so they
can profit from exploits while leaving users exposed to malicious
hackers.

In order to reduce the attack surface for vulnerabilites, it is
therefore necessary to make 'su' completely inaccessible when it
is not in use (except by the root and system users).

Change-Id: I79716c72f74d0b7af34ec3a8054896c6559a181d
fs/exec.c diff | blob | blame | history
fs/namei.c diff | blob | blame | history
fs/readdir.c diff | blob | blame | history
include/linux/dcache.h diff | blob | blame | history
include/linux/fs.h diff | blob | blame | history
include/linux/sched.h diff | blob | blame | history
include/linux/uidgid.h diff | blob | blame | history
kernel/exit.c diff | blob | blame | history
kernel/fork.c diff | blob | blame | history
kernel/sched/core.c diff | blob | blame | history