kernel: Only expose su when daemon is running

It has been claimed that the PG implementation of 'su' has security
vulnerabilities even when disabled.  Unfortunately, the people that
find these vulnerabilities often like to keep them private so they
can profit from exploits while leaving users exposed to malicious
hackers.

In order to reduce the attack surface for vulnerabilites, it is
therefore necessary to make 'su' completely inaccessible when it
is not in use (except by the root and system users).

Change-Id: Ia7d50ba46c3d932c2b0ca5fc8e9ec69ec9045f85
Adapted from https://review.lineageos.org/#/c/170648
Used @stargo's PF_SU/PF_FREEZER_NOSIG overlap fix
Signed-off-by: D. Andrei Măceș <dmaces@nd.edu>

0 files changed, 0 insertions, 0 deletions