commit | 69b800391cad3b1c5fd88f1370f7522f9efb4c85 | [log] [tgz] |
---|---|---|
author | Stephen Smalley <sds@tycho.nsa.gov> | Thu Jul 24 15:23:05 2014 -0400 |
committer | Stephen Smalley <sds@tycho.nsa.gov> | Thu Jul 24 16:01:56 2014 -0400 |
tree | a61af8565be026cf2f14940a8a5b2d27b6aca4b1 | |
parent | 73290cd1369422260f1843dc36949c27422c0300 [diff] |
Add SELinux MAC to debuggerd. debuggerd allows uid-0 processes to dump tombstones or backtraces of any process, and uid-system processes to dump backtraces of any processes. Restrict these operations via SELinux based on the client context, the target process context, and the action. Depends on I8e120d319512ff207ed22ed87cde4e0432a13dda for the corresponding policy definitions. Change-Id: Ib317564e54e07cc21f259e75124b762ad17c6e16 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>