cc0531ea4f99f906f60892a1411c2f4d4974fd44 - mirrors/cros/chromiumos/overlays/eclass-overlay

commit	cc0531ea4f99f906f60892a1411c2f4d4974fd44	[log] [tgz]
author	Lutz Justen <ljusten@chromium.org>	Wed Jun 12 13:26:25 2019 +0200
committer	chrome-bot <chrome-bot@chromium.org>	Sat Jun 22 12:40:24 2019 -0700
tree	589afa9f8aac4328aa6fe95ae7e325cd5139aeb7
parent	735e0a5ac48b748d45966164832f916c5024a650 [diff]

Add kerberosd-exec user and group

In order to prevent exploits in third-party code from accessing password
information, the Kerberos daemon will run third-party code as
kerberosd-exec user in a separate process and prevent it from switching
back.

BUG=chromium:973391
TEST=None

Cq-Depend: chromium:1655314
Change-Id: I2da6c00bc6449242236a27111afc90d5273aa300
Reviewed-on: https://chromium-review.googlesource.com/1655609
Tested-by: Lutz Justen <ljusten@chromium.org>
Commit-Ready: Lutz Justen <ljusten@chromium.org>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Lutz Justen <ljusten@chromium.org>

profiles/base/accounts/group/kerberosd-exec[Added - diff]
profiles/base/accounts/user/kerberosd-exec[Added - diff]

2 files changed

tree: 589afa9f8aac4328aa6fe95ae7e325cd5139aeb7