| author | Alejandro Colomar <alx@kernel.org> | 2024-05-29 21:06:17 +0200 |
|---|---|---|
| committer | Alejandro Colomar <alx@kernel.org> | 2024-05-31 01:50:15 +0200 |
| commit | 093de3e77954219d81550e3e9ad55ece82d8b2bb (patch) | |
| tree | 0ed6f31202b70dcc768648b0ece73829468e43e1 | |
| parent | 8d99d47e30a5dec943d6d60efd10697302cc5336 (diff) | |
prctl.2, PR_GET_NO_NEW_PRIVS.2const: Split PR_GET_NO_NEW_PRIVS from prctl(2)
Signed-off-by: Alejandro Colomar <alx@kernel.org>
| -rw-r--r-- | man/man2/prctl.2 | 17 | ||||
| -rw-r--r-- | man/man2const/PR_GET_NO_NEW_PRIVS.2const | 46 |
2 files changed, 49 insertions, 14 deletions
diff --git a/man/man2/prctl.2 b/man/man2/prctl.2 index 3fa1f7bf8a..041f27bcf2 100644 --- a/man/man2/prctl.2 +++ b/man/man2/prctl.2 @@ -21,7 +21,6 @@ .\" 2012-04-25 Michael Kerrisk, Document PR_TASK_PERF_EVENTS_DISABLE and .\" PR_TASK_PERF_EVENTS_ENABLE .\" 2012-09-20 Kees Cook, update PR_SET_SECCOMP for mode 2 -.\" 2012-09-20 Kees Cook, document PR_GET_NO_NEW_PRIVS .\" 2012-10-25 Michael Kerrisk, Document PR_SET_TIMERSLACK and .\" PR_GET_TIMERSLACK .\" 2013-01-10 Kees Cook, document PR_SET_PTRACER @@ -111,18 +110,8 @@ The first argument can be: .B PR_GET_NAME .TQ .B PR_SET_NO_NEW_PRIVS -.\" prctl PR_GET_NO_NEW_PRIVS -.TP -.BR PR_GET_NO_NEW_PRIVS " (since Linux 3.5)" -Return (as the function result) the value of the -.I no_new_privs -attribute for the calling thread. -A value of 0 indicates the regular -.BR execve (2) -behavior. -A value of 1 indicates -.BR execve (2) -will operate in the privilege-restricting mode described above. +.TQ +.B PR_GET_NO_NEW_PRIVS .\" prctl PR_PAC_RESET_KEYS .\" commit ba830885656414101b2f8ca88786524d4bb5e8c1 .TP @@ -1222,7 +1211,6 @@ of the calling process. for information on the protection mask bits.) .SH RETURN VALUE On success, -.BR PR_GET_NO_NEW_PRIVS , .BR PR_GET_SECUREBITS , .BR PR_GET_SPECULATION_CTRL , .BR PR_SVE_GET_VL , @@ -1502,4 +1490,5 @@ glibc 2.0.6 .BR PR_SET_NAME (2const), .BR PR_GET_NAME (2const), .BR PR_SET_NO_NEW_PRIVS (2const), +.BR PR_GET_NO_NEW_PRIVS (2const), .BR core (5) diff --git a/man/man2const/PR_GET_NO_NEW_PRIVS.2const b/man/man2const/PR_GET_NO_NEW_PRIVS.2const new file mode 100644 index 0000000000..773bb149a1 --- /dev/null +++ b/man/man2const/PR_GET_NO_NEW_PRIVS.2const 
@@ -0,0 +1,46 @@ +.\" Copyright 2012, Kees Cook <keescook@chromium.org> +.\" Copyright 2012, 2013, 2015, Michael Kerrisk <mtk.manpages@gmail.com> +.\" +.\" SPDX-License-Identifier: Linux-man-pages-copyleft +.\" +.\" 2012-09-20 Kees Cook, document PR_GET_NO_NEW_PRIVS +.\" +.TH PR_GET_NO_NEW_PRIVS 2const (date) "Linux man-pages (unreleased)" +.SH NAME +PR_GET_NO_NEW_PRIVS +\- +get the calling thread's no_new_privs attribute +.SH LIBRARY +Standard C library +.RI ( libc ", " \-lc ) +.SH SYNOPSIS +.nf +.B #include <sys/prctl.h> +.P +.BI "int prctl(int " op ", ...);" +.fi +.SH DESCRIPTION +.TP +.BR PR_GET_NO_NEW_PRIVS " (since Linux 3.5)" +Return (as the function result) the value of the +.I no_new_privs +attribute for the calling thread. +A value of 0 indicates the regular +.BR execve (2) +behavior. +A value of 1 indicates +.BR execve (2) +will operate in the privilege-restricting mode described above. +.SH RETURN VALUE +On success, +.BR PR_GET_NO_NEW_PRIVS , +return the nonnegative values described above. +On error, \-1 is returned, and +.I errno +is set to indicate the error. +.SH STANDARDS +Linux. +.SH HISTORY +.SH SEE ALSO +.BR prctl (2), +.BR PR_SET_NO_NEW_PRIVS (2const) |
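Review bot: The DESCRIPTION of the new PR_GET_NO_NEW_PRIVS.2const ends with "will operate in the privilege-restricting mode described above", but nothing above it in this standalone page describes that mode; the sentence was moved verbatim out of the prctl.2 list. Point it at the page that now holds the description, for example "the privilege-restricting mode described in PR_SET_NO_NEW_PRIVS(2const)", which SEE ALSO already lists. Two smaller leftovers from the list form in the same hunk: RETURN VALUE reads "On success, .BR PR_GET_NO_NEW_PRIVS , return the nonnegative values described above", which with a single operation should lose the trailing comma and read "returns the nonnegative value described above"; and .SH HISTORY is empty while "(since Linux 3.5)" sits in the .TP tag, so the version could move under HISTORY. Since no_new_privs is a security attribute that callers query before trusting execve(2) behavior, the page should be readable on its own without the reader guessing what 1 means.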
