Kconfig - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt

Kconfig (709B)

      1# SPDX-License-Identifier: GPL-2.0-only
      2config SECURITY_SAFESETID
      3        bool "Gate setid transitions to limit CAP_SET{U/G}ID capabilities"
      4        depends on SECURITY
      5        select SECURITYFS
      6        default n
      7        help
      8          SafeSetID is an LSM module that gates the setid family of syscalls to
      9          restrict UID/GID transitions from a given UID/GID to only those
     10          approved by a system-wide whitelist. These restrictions also prohibit
     11          the given UIDs/GIDs from obtaining auxiliary privileges associated
     12          with CAP_SET{U/G}ID, such as allowing a user to set up user namespace
     13          UID mappings.
     14
     15          If you are unsure how to answer this question, answer N.