linux/security at 3d2195c3324b27e65ba53d9626a6bd91a2515797 - linux - Gitea: Git with a cup of tea

IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an email to Administrator. User accounts are meant only to access repo and report issues and/or generate pull requests. This is a purpose-specific Git hosting for BaseALT projects. Thank you for your understanding!

Только зарегистрированные пользователи имеют доступ к сервису! Для получения аккаунта, обратитесь к администратору.

iv/linux

History

Eric Paris 3d2195c332 SELinux: do not check open perms if they are not known to policy

When I introduced open perms policy didn't understand them and I
implemented them as a policycap.  When I added the checking of open perm
to truncate I forgot to conditionalize it on the userspace defined
policy capability.  Running an old policy with a new kernel will not
check open on open(2) but will check it on truncate.  Conditionalize the
truncate check the same as the open check.

Signed-off-by: Eric Paris <eparis@redhat.com>
Cc: stable@vger.kernel.org # 3.4.x
Signed-off-by: James Morris <james.l.morris@oracle.com>

2012-07-16 11:41:47 +10:00

..

split ->file_mmap() into ->mmap_addr()/->mmap_file()

2012-05-31 13:11:54 -04:00

ima: fix filename hint to reflect script interpreter name

2012-05-16 10:36:41 +10:00

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal

2012-05-31 18:47:30 -07:00

SELinux: do not check open perms if they are not known to policy

2012-07-16 11:41:47 +10:00

split ->file_mmap() into ->mmap_addr()/->mmap_file()

2012-05-31 13:11:54 -04:00

Merge branch 'master' of git://git.infradead.org/users/eparis/selinux into next

2012-05-22 11:21:06 +10:00

Yama: replace capable() with ns_capable()

2012-05-15 10:27:57 +10:00

capability.c

split ->file_mmap() into ->mmap_addr()/->mmap_file()

2012-05-31 13:11:54 -04:00

commoncap.c

split ->file_mmap() into ->mmap_addr()/->mmap_file()

2012-05-31 13:11:54 -04:00

device_cgroup.c

cgroup: convert all non-memcg controllers to the new cftype interface

2012-04-01 12:09:55 -07:00

inode.c

securityfs: fix object creation races

2012-01-10 10:20:35 -05:00

Kconfig

KEYS: Move the key config into security/keys/Kconfig

2012-05-11 10:56:56 +01:00

lsm_audit.c

LSM: BUILD_BUG_ON if the common_audit_data union ever grows

2012-04-09 12:23:03 -04:00

Makefile

security: Yama LSM

2012-02-10 09:18:52 +11:00

min_addr.c

mmap_min_addr check CAP_SYS_RAWIO only for write

2010-04-23 08:56:31 +10:00

security.c

security: Fix nommu build.

2012-07-03 21:41:03 +10:00