summaryrefslogtreecommitdiff
path: root/include/linux/securebits.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/securebits.h')
-rw-r--r--include/linux/securebits.h30
1 files changed, 30 insertions, 0 deletions
diff --git a/include/linux/securebits.h b/include/linux/securebits.h
new file mode 100644
index 000000000000..5b0617840fa4
--- /dev/null
+++ b/include/linux/securebits.h
@@ -0,0 +1,30 @@
+#ifndef _LINUX_SECUREBITS_H
+#define _LINUX_SECUREBITS_H 1
+
+#define SECUREBITS_DEFAULT 0x00000000
+
+extern unsigned securebits;
+
+/* When set UID 0 has no special privileges. When unset, we support
+ inheritance of root-permissions and suid-root executable under
+ compatibility mode. We raise the effective and inheritable bitmasks
+ *of the executable file* if the effective uid of the new process is
+ 0. If the real uid is 0, we raise the inheritable bitmask of the
+ executable file. */
+#define SECURE_NOROOT 0
+
+/* When set, setuid to/from uid 0 does not trigger capability-"fixes"
+ to be compatible with old programs relying on set*uid to loose
+ privileges. When unset, setuid doesn't change privileges. */
+#define SECURE_NO_SETUID_FIXUP 2
+
+/* Each securesetting is implemented using two bits. One bit specify
+ whether the setting is on or off. The other bit specify whether the
+ setting is fixed or not. A setting which is fixed cannot be changed
+ from user-level. */
+
+#define issecure(X) ( (1 << (X+1)) & SECUREBITS_DEFAULT ? \
+ (1 << (X)) & SECUREBITS_DEFAULT : \
+ (1 << (X)) & securebits )
+
+#endif /* !_LINUX_SECUREBITS_H */