projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0f63c0e) | patch
kernel: Only expose su when daemon is running
authorTom Marshall <tdm.code@gmail.com>
Wed, 25 Jan 2017 17:01:03 +0000 (18:01 +0100)
committerStricted <info@stricted.net>
Thu, 3 May 2018 16:44:36 +0000 (18:44 +0200)
commit672c40a112898c4a6467892e22d5979c14aa0820
tree5033518023fe769adc452e4c7cd4dc5adc00225btree | snapshot (tar.gz zip)
parent0f63c0e88f76878a55b375f81e8b326a21dee2efcommit | diff
kernel: Only expose su when daemon is running

It has been claimed that the PG implementation of 'su' has security
vulnerabilities even when disabled.  Unfortunately, the people that
find these vulnerabilities often like to keep them private so they
can profit from exploits while leaving users exposed to malicious
hackers.

In order to reduce the attack surface for vulnerabilites, it is
therefore necessary to make 'su' completely inaccessible when it
is not in use (except by the root and system users).

Change-Id: I79716c72f74d0b7af34ec3a8054896c6559a181d
fs/exec.c diff | blob | blame | history
fs/namei.c diff | blob | blame | history
fs/readdir.c diff | blob | blame | history
include/linux/dcache.h diff | blob | blame | history
include/linux/fs.h diff | blob | blame | history
include/linux/sched.h diff | blob | blame | history
include/linux/uidgid.h diff | blob | blame | history
kernel/exit.c diff | blob | blame | history
kernel/fork.c diff | blob | blame | history
kernel/sched/core.c diff | blob | blame | history
kernel source for telekom puls (alcatel/mediatek)