commit | 96d9e30fdfb7ab8b0cdc44228359dd0c08d59946 | [log] [tgz] |
---|---|---|
author | Jorge Lucangeli Obes <jorgelo@chromium.org> | Thu Jun 08 19:15:36 2017 |
committer | chrome-bot <chrome-bot@chromium.org> | Thu Jun 29 21:16:35 2017 |
tree | 3ff9b64128ea344bf5e055d07cb5a47a6fc7cc09 | |
parent | f21d857fde838f7cb141f81c49070abbdf343fce [diff] |
Use NoNewPrivs for daisydog. Doesn't look like daisydog is launching anything that requires to elevate privilege. BUG=chromium:730623 TEST=security_SandboxedServices. Change-Id: Ia6ea273c543c2e4a9bd9d7dd0e49142d2e08640a Reviewed-on: https://chromium-review.googlesource.com/527817 Commit-Ready: Jorge Lucangeli Obes <jorgelo@chromium.org> Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org>
GPL Code is copied with explicit permission from Daniel Widyanto:
http://embeddedfreak.wordpress.com/2010/08/23/howto-use-linux-watchdog/
The project name is based on Samsung's “daisy” reference board design and I liked this quote from the daisy dog FAQ:
Daisy Dogs are not persnickety little ankle biters
When this daisydog doesn't run, the machine should reset. :)
An alternative code to start with would have been:
https://dev.openwrt.org/ticket/2270
The watchdog project is alot more complicated than what the Chromium OS project needs.