| /linux/Documentation/userspace-api/ |
| H A D | no_new_privs.rst | 15 - chroot is disallowed to unprivileged processes, since it would allow
53 available to an unprivileged user. If everything running with a
60 available to unprivileged tasks if ``no_new_privs`` is set. In principle,
|
| /linux/tools/bpf/bpftool/Documentation/ |
| H A D | bpftool-feature.rst | 26 | **bpftool** **feature probe** [*COMPONENT*] [**full**] [**unprivileged**] [**macros** [**prefix**…
54 When the **unprivileged** keyword is used, bpftool will dump only the
58 MUST use the **unprivileged** keyword: This is to avoid misdetection if
|
| /linux/Documentation/admin-guide/ |
| H A D | perf-security.rst | 54 ID is 0, referred to as superuser or root), and b) unprivileged
67 files of unprivileged users.
87 Prior Linux v5.9 unprivileged processes using perf_events system call
90 So unprivileged processes provided with CAP_SYS_PTRACE capability are
96 Other capabilities being granted to unprivileged processes can
226 perf_events *scope* and *access* control for unprivileged processes
243 imposed but ignored for unprivileged processes with CAP_IPC_LOCK
252 unprivileged processes with CAP_IPC_LOCK capability.
259 unprivileged processes with CAP_IPC_LOCK capability.
|
| /linux/tools/testing/selftests/mount/ |
| H A D | run_unprivileged_remount.sh | 8 ./unprivileged-remount-test ;
|
| H A D | .gitignore | 2 unprivileged-remount-test
|
| H A D | Makefile | 7 TEST_GEN_FILES := unprivileged-remount-test nosymfollow-test
|
| /linux/kernel/bpf/ |
| H A D | Kconfig | 74 bool "Disable unprivileged BPF by default"
78 Disables unprivileged BPF by default by setting the corresponding
|
| /linux/Documentation/filesystems/fuse/ |
| H A D | fuse-passthrough.rst | 73 This behavior leads to two main issues for unprivileged FUSE daemons:
85 (``RLIMIT_NOFILE``). If an unprivileged daemon could register backing files
102 filesystem stacking scenarios if unprivileged users could set up passthrough.
|
| H A D | fuse.rst | 312 an unprivileged user - normally restricted from mounting with
316 processes in user namespaces where they're unprivileged. For this
379 Since we are talking about unprivileged userspace programs,
|
| /linux/Documentation/driver-api/early-userspace/ |
| H A D | early_userspace_support.rst | 44 built by an unprivileged user.
65 Because device-special files cannot be created by a unprivileged user,
68 early userspace image can be built by an unprivileged user.
|
| /linux/arch/arm/boot/dts/xen/ |
| H A D | xenvm-4.2.dts | 3 * Xen Virtual Machine for unprivileged guests
|
| /linux/arch/powerpc/kvm/ |
| H A D | book3s_emulate.c | 685 goto unprivileged; in kvmppc_core_emulate_mtspr_pr()
844 unprivileged: in kvmppc_core_emulate_mtspr_pr()
885 goto unprivileged; in kvmppc_core_emulate_mfspr_pr()
1013 unprivileged: in kvmppc_core_emulate_mfspr_pr()
|
| /linux/Documentation/arch/riscv/ |
| H A D | cmodx.rst | 10 program must enforce its own synchronization with the unprivileged fence.i
45 Though fence.i is an unprivileged instruction, the default Linux ABI prohibits
|
| H A D | uabi.rst | 32 after standard unprivileged extensions. If multiple supervisor-level
|
| /linux/fs/smb/server/ |
| H A D | Kconfig | 69 Prevent unprivileged processes to start the ksmbd kernel server.
|
| /linux/Documentation/security/ |
| H A D | self-protection.rst | 13 In the worst-case scenario, we assume an unprivileged local attacker
119 restricted to the more regular set of normally available to unprivileged
125 The kernel should never allow an unprivileged user the ability to
131 unprivileged socket API is nonsense: only the root or physically local
|
| H A D | landlock.rst | 14 including unprivileged ones. Because such a process may be compromised or
19 Landlock is designed to be usable by unprivileged processes while following the
|
| /linux/Documentation/ABI/testing/ |
| H A D | sysfs-class-chromeos-driver-cros-ec-lightbar | 15 and other system hardware. To prevent unprivileged users
|
| H A D | sysfs-class-rtc | 36 (RW) The maximum interrupt rate an unprivileged user may request
|
| /linux/Documentation/infiniband/ |
| H A D | user_verbs.rst | 55 unprivileged processes do not exceed their RLIMIT_MEMLOCK limit.
|
| /linux/security/ |
| H A D | Kconfig | 11 bool "Restrict unprivileged access to the kernel syslog"
14 This enforces restrictions on unprivileged users reading the kernel
|
| /linux/Documentation/admin-guide/hw-vuln/ |
| H A D | tsx_async_abort.rst | 6 TAA is a hardware vulnerability that allows unprivileged speculative access to
72 Attacks against the TAA vulnerability can be implemented from unprivileged
|
| H A D | gather_data_sampling.rst | 6 Gather Data Sampling is a hardware vulnerability which allows unprivileged
|
| H A D | special-register-buffer-data-sampling.rst | 58 An unprivileged user can extract values returned from RDRAND and RDSEED
|
| /linux/Documentation/admin-guide/sysctl/ |
| H A D | kernel.rst | 256 This toggle indicates whether unprivileged users are prevented
505 -EPERM) for unprivileged processes not in the io_uring_group group.
583 unprivileged users.
589 if leaking kernel pointer values to unprivileged users is a concern.
994 Controls use of the performance events system by unprivileged
1478 systems, large numbers of split locks from unprivileged users can result in
1656 Writing 1 to this entry will disable unprivileged calls to ``bpf()``;
1661 Writing 2 to this entry will also disable unprivileged calls to ``bpf()``,
|