| Commit message (Expand) | Author | Age | Files | Lines |
* | capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISE | Andy Lutomirski | 2015-09-05 | 1 | -1/+2 |
* | capabilities: ambient capabilities | Andy Lutomirski | 2015-09-05 | 1 | -10/+92 |
* | LSM: Switch to lists of hooks | Casey Schaufler | 2015-05-12 | 1 | -8/+33 |
* | VFS: security/: d_backing_inode() annotations | David Howells | 2015-04-15 | 1 | -3/+3 |
* | file->f_path.dentry is pinned down for as long as the file is open... | Al Viro | 2015-01-26 | 1 | -5/+1 |
* | kill f_dentry uses | Al Viro | 2014-11-19 | 1 | -1/+1 |
* | CAPABILITIES: remove undefined caps from all processes | Eric Paris | 2014-07-24 | 1 | -0/+3 |
* | commoncap: don't alloc the credential unless needed in cap_task_prctl | Tetsuo Handa | 2014-07-24 | 1 | -42/+30 |
* | capabilities: allow nice if we are privileged | Serge Hallyn | 2013-08-31 | 1 | -4/+4 |
* | userns: Allow PR_CAPBSET_DROP in a user namespace. | Eric W. Biederman | 2013-08-31 | 1 | -1/+1 |
* | kill f_vfsmnt | Al Viro | 2013-02-26 | 1 | -1/+1 |
* | Fix cap_capable to only allow owners in the parent user namespace to have caps. | Eric W. Biederman | 2012-12-14 | 1 | -8/+17 |
* | split ->file_mmap() into ->mmap_addr()/->mmap_file() | Al Viro | 2012-05-31 | 1 | -18/+3 |
* | split cap_mmap_addr() out of cap_file_mmap() | Al Viro | 2012-05-31 | 1 | -9/+23 |
* | Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi... | Linus Torvalds | 2012-05-24 | 1 | -25/+36 |
|\ |
|
| * | userns: Convert capabilities related permsion checks | Eric W. Biederman | 2012-05-03 | 1 | -15/+26 |
| * | userns: Store uid and gid values in struct cred with kuid_t and kgid_t types | Eric W. Biederman | 2012-05-03 | 1 | -2/+1 |
| * | userns: Simplify the user_namespace by making userns->creator a kuid. | Eric W. Biederman | 2012-04-26 | 1 | -2/+3 |
| * | userns: Add an explicit reference to the parent user namespace | Eric W. Biederman | 2012-04-08 | 1 | -1/+1 |
| * | userns: Use cred->user_ns instead of cred->user->user_ns | Eric W. Biederman | 2012-04-08 | 1 | -7/+7 |
* | | Merge tag 'v3.4-rc5' into next | James Morris | 2012-05-04 | 1 | -0/+6 |
|\ \ |
|
| * | | security: fix compile error in commoncap.c | Jonghwan Choi | 2012-04-19 | 1 | -0/+1 |
| * | | fcaps: clear the same personality flags as suid when fcaps are used | Eric Paris | 2012-04-18 | 1 | -0/+5 |
| |/ |
|
* / | Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs | Andy Lutomirski | 2012-04-14 | 1 | -2/+5 |
|/ |
|
* | security: trim security.h | Al Viro | 2012-02-14 | 1 | -0/+1 |
* | Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security | Linus Torvalds | 2012-01-15 | 1 | -17/+7 |
|\ |
|
| * | security: remove the security_netlink_recv hook as it is equivalent to capable() | Eric Paris | 2012-01-06 | 1 | -8/+0 |
| * | capabilities: remove the task from capable LSM hook entirely | Eric Paris | 2012-01-06 | 1 | -9/+7 |
* | | capabilities: initialize has_cap | Serge Hallyn | 2011-08-16 | 1 | -1/+1 |
* | | capabilities: do not grant full privs for setuid w/ file caps + no effective ... | Zhi Li | 2011-08-12 | 1 | -6/+10 |
|/ |
|
* | capabilities: do not special case exec of init | Eric Paris | 2011-04-04 | 1 | -9/+4 |
* | userns: allow ptrace from non-init user namespaces | Serge E. Hallyn | 2011-03-24 | 1 | -8/+32 |
* | userns: security: make capabilities relative to the user namespace | Serge E. Hallyn | 2011-03-24 | 1 | -7/+31 |
* | Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 | Linus Torvalds | 2011-03-17 | 1 | -2/+1 |
|\ |
|
| * | netlink: kill eff_cap from struct netlink_skb_parms | Patrick McHardy | 2011-03-03 | 1 | -2/+1 |
* | | time: Correct the *settime* parameters | Richard Cochran | 2011-02-02 | 1 | -1/+1 |
|/ |
|
* | capabilities/syslog: open code cap_syslog logic to fix build failure | Eric Paris | 2010-11-16 | 1 | -21/+0 |
* | Restrict unprivileged access to kernel syslog | Dan Rosenberg | 2010-11-12 | 1 | -0/+2 |
* | security: remove unused parameter from security_task_setscheduler() | KOSAKI Motohiro | 2010-10-21 | 1 | -4/+1 |
* | Make do_execve() take a const filename pointer | David Howells | 2010-08-18 | 1 | -1/+1 |
* | security: whitespace coding style fixes | Justin P. Mattock | 2010-04-23 | 1 | -2/+2 |
* | Security: Fix the comment of cap_file_mmap() | wzt.wzt@gmail.com | 2010-04-20 | 1 | -1/+1 |
* | syslog: clean up needless comment | Kees Cook | 2010-02-05 | 1 | -1/+0 |
* | syslog: use defined constants instead of raw numbers | Kees Cook | 2010-02-04 | 1 | -2/+3 |
* | syslog: distinguish between /proc/kmsg and syscalls | Kees Cook | 2010-02-04 | 1 | -1/+6 |
* | remove CONFIG_SECURITY_FILE_CAPABILITIES compile option | Serge E. Hallyn | 2009-11-24 | 1 | -70/+2 |
* | security: remove root_plug | James Morris | 2009-10-20 | 1 | -1/+1 |
* | Security/SELinux: seperate lsm specific mmap_min_addr | Eric Paris | 2009-08-06 | 1 | -1/+1 |
* | Capabilities: move cap_file_mmap to commoncap.c | Eric Paris | 2009-08-06 | 1 | -0/+30 |
* | security: rename ptrace_may_access => ptrace_access_check | Ingo Molnar | 2009-06-24 | 1 | -2/+2 |