author | Lennart Poettering <lennart@poettering.net> | 2012-05-24 04:00:56 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-05-24 04:00:56 +0200 |
commit | ec8927ca5940e809f0b72f530582c76f1db4f065 (patch) | |
tree | b230d2458088a82b879afc39a2752d5fc674974e /src/core/load-fragment.c | |
parent | e056b01d8acea7fc06d52ef91d227d744faf5259 (diff) |
main: add configuration option to alter capability bounding set for PID 1
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
Diffstat (limited to 'src/core/load-fragment.c')
-rw-r--r-- | src/core/load-fragment.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index d2267722dd..ff6e13e599 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -931,7 +931,7 @@ int config_parse_exec_secure_bits(
 return 0;
 }
-int config_parse_exec_bounding_set(
+int config_parse_bounding_set(
 const char *filename,
 unsigned line,
 const char *section,
@@ -941,7 +941,7 @@ int config_parse_exec_bounding_set(
 void *data,
 void *userdata) {
- ExecContext *c = data;
+ uint64_t *capability_bounding_set_drop = data;
 char *w;
 size_t l;
 char *state;
@@ -968,7 +968,8 @@ int config_parse_exec_bounding_set(
 int r;
 cap_value_t cap;
- if (!(t = strndup(w, l)))
+ t = strndup(w, l);
+ if (!t)
 return -ENOMEM;
 r = cap_from_name(t, &cap);
@@ -983,9 +984,9 @@ int config_parse_exec_bounding_set(
 }
 if (invert)
- c->capability_bounding_set_drop |= sum;
+ *capability_bounding_set_drop |= sum;
 else
- c->capability_bounding_set_drop |= ~sum;
+ *capability_bounding_set_drop |= ~sum;
 return 0;
 }
@@ -2447,7 +2448,7 @@ void unit_dump_config_items(FILE *f) {
 { config_parse_level, "LEVEL" },
 { config_parse_exec_capabilities, "CAPABILITIES" },
 { config_parse_exec_secure_bits, "SECUREBITS" },
- { config_parse_exec_bounding_set, "BOUNDINGSET" },
+ { config_parse_bounding_set, "BOUNDINGSET" },
 { config_parse_exec_timer_slack_nsec, "TIMERSLACK" },
 { config_parse_limit, "LIMIT" },
 { config_parse_unit_cgroup, "CGROUP [...]" }, |
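Review bot: The new `uint64_t *capability_bounding_set_drop = data;` in the second hunk changes what `data` must point to, and because the parameter is `void *` the compiler will not flag a caller that still hands in an `ExecContext *`. In that case the `|=` further down would write the mask at the start of the context structure instead of into its bounding-set field, so the intended capability restriction would presumably not take effect and nothing would report it. The call sites and the table that supplies `data` are not on this page (the diffstat is limited to this file), so they need to be checked together with this change. I would also record the contract above the function, e.g. `/* data: uint64_t* holding the mask of capabilities to DROP from the bounding set */`. The function body starts and ends outside this hunk.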
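Review bot: Both branches in the fourth hunk only ever OR into `*capability_bounding_set_drop`, so a repeated assignment of the option can add capabilities to the drop mask but never take one out, and two plain (non-inverted) lists combine to drop everything outside their intersection. Since the parser now appears to serve the PID 1-wide option as well, that behaviour deserves a comment at the `if (invert)` block, e.g. `/* stored value is the DROP mask: a plain list stores its complement, and repeated assignments accumulate */`. If `sum` can still be zero at this point (its computation is outside the hunk), the `else` branch sets every bit; that fails closed, but it should be stated rather than left implicit.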