diff options
author | Djalal Harouni <tixxdz@opendz.org> | 2016-10-09 12:28:25 +0200 |
---|---|---|
committer | Djalal Harouni <tixxdz@opendz.org> | 2016-10-12 14:12:07 +0200 |
commit | 4084e8fc8947566092fd4ee5a07405570fdbf84d (patch) | |
tree | fd92149d586a4cd6aff985dd24eec74b04f1b9dc /src/core/execute.c | |
parent | c575770b75b6cd15684fbacd249147bf5fd6ead7 (diff) |
core: check protect_kernel_modules and private_devices in order to setup NNP
Diffstat (limited to 'src/core/execute.c')
-rw-r--r-- | src/core/execute.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/core/execute.c b/src/core/execute.c index dc078d96f0..71439bc3c2 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -2115,6 +2115,8 @@ static bool context_has_no_new_privileges(const ExecContext *c) { c->memory_deny_write_execute || c->restrict_realtime || c->protect_kernel_tunables || + c->protect_kernel_modules || + c->private_devices || context_has_syscall_filters(c); } |