kernel: Only expose su when daemon is running

It has been claimed that the PG implementation of 'su' has security vulnerabilities even when disabled. Unfortunately, the people that find these vulnerabilities often like to keep them private so they can profit from exploits while leaving users exposed to malicious hackers. In order to reduce the attack surface for vulnerabilites, it is therefore necessary to make 'su' completely inaccessible when it is not in use (except by the root and system users). Change-Id: I79716c72f74d0b7af34ec3a8054896c6559a181d Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
author: Tom Marshall <tdm.code@gmail.com> 2017-01-25 18:01:03 +0100
committer: Davide Garberi <dade.garberi@gmail.com> 2022-07-27 19:23:19 +0200
commit: 08ff8a2e58eb226015fa68d577121137a7e0953f (patch)
tree: 6804e0881c1588dd335fbcdacb7a46f2c95f412f /include/linux/fs.h
parent: e604a08d460859ac6de5dff7a19f2340edcc7ae8 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 42ac99e898a4..d06b2af25514 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1668,6 +1668,7 @@ typedef int (*filldir_t)(struct dir_context *, const char *, int, loff_t, u64,
 struct dir_context {
 	const filldir_t actor;
 	loff_t pos;
+	bool romnt;
 };
 
 struct block_device_operations;
author	Tom Marshall <tdm.code@gmail.com>	2017-01-25 18:01:03 +0100
committer	Davide Garberi <dade.garberi@gmail.com>	2022-07-27 19:23:19 +0200
commit	08ff8a2e58eb226015fa68d577121137a7e0953f (patch)
tree	6804e0881c1588dd335fbcdacb7a46f2c95f412f /include/linux/fs.h
parent	e604a08d460859ac6de5dff7a19f2340edcc7ae8 (diff)