41 lines
1.1 KiB
Diff
41 lines
1.1 KiB
Diff
|
https://gitlab.com/apparmor/apparmor/-/merge_requests/589
|
||
|
|
|
||
|
|
commit ae012502095596df4675555da635c868e3b3c04a
|
||
|
|
Author: Christian Boltz <apparmor@cboltz.de>
|
||
|
|
Date: Fri Aug 7 22:37:19 2020 +0200
|
||
|
|
|
||
|
|
Add CAP_BPF and CAP_PERFMON to severity.db
|
||
|
|
|
||
|
|
These capabilities were introduced in Linux 5.8
|
||
|
|
|
||
|
|
References: https://bugs.launchpad.net/bugs/1890547
|
||
|
|
|
||
|
|
diff --git a/utils/severity.db b/utils/severity.db
|
||
|
|
index 3c028400..3e07d44e 100644
|
||
|
|
--- a/utils/severity.db
|
||
|
|
+++ b/utils/severity.db
|
||
|
|
@@ -2,6 +2,7 @@
|
||
|
|
#
|
||
|
|
# Copyright (C) 2002-2005 Novell/SUSE
|
||
|
|
# Copyright (C) 2014 Canonical Ltd.
|
||
|
|
+# Copyright (C) 2020 Christian Boltz
|
||
|
|
#
|
||
|
|
# This program is free software; you can redistribute it and/or
|
||
|
|
# modify it under the terms of version 2 of the GNU General Public
|
||
|
|
@@ -28,6 +29,7 @@
|
||
|
|
CAP_SETGID 9
|
||
|
|
CAP_SETUID 9
|
||
|
|
CAP_FOWNER 9
|
||
|
|
+ CAP_BPF 9
|
||
|
|
# Denial of service, bypass audit controls, information leak
|
||
|
|
CAP_SYS_TIME 8
|
||
|
|
CAP_NET_ADMIN 8
|
||
|
|
@@ -49,6 +51,7 @@
|
||
|
|
CAP_BLOCK_SUSPEND 8
|
||
|
|
CAP_DAC_READ_SEARCH 7
|
||
|
|
CAP_AUDIT_READ 7
|
||
|
|
+ CAP_PERFMON 7
|
||
|
|
# unused
|
||
|
|
CAP_NET_BROADCAST 0
|
||
|
|
|