summaryrefslogtreecommitdiff
AgeCommit messageAuthorFilesLines
2017-09-12ANDROID: commoncap: Begin to warn users of implicit PARANOID_NETWORK capabili...John Stultz1-9/+23
2017-01-27ANDROID: security: Add proper checks for Android specific capability checksTushar Behera1-0/+2
2017-01-19ANDROID: security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_...Chia-chi Yeh2-0/+10
2016-10-08xattr: Add __vfs_{get,set,remove}xattr helpersAndreas Gruenbacher14-85/+97
2016-06-24fs: Treat foreign mounts as nosuidAndy Lutomirski5-3/+23
2016-06-24fs: Limit file caps to the user namespace of the super blockSeth Forshee3-0/+22
2016-05-17Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds195-1230/+1449
2016-04-22security: Introduce security_settime64()Baolin Wang4-7/+22
2016-04-11->getxattr(): pass dentry and inode as separate argumentsAl Viro34-85/+94
2016-01-21ptrace: use fsuid, fsgid, effective creds for fs access checksJann Horn11-29/+80
2015-09-04capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISEAndy Lutomirski2-2/+12
2015-09-04capabilities: ambient capabilitiesAndy Lutomirski6-11/+113
2015-05-12LSM: Switch to lists of hooksCasey Schaufler13-387/+627
2015-04-15VFS: security/: d_backing_inode() annotationsDavid Howells12-105/+105
2015-01-26file->f_path.dentry is pinned down for as long as the file is open...Al Viro2-9/+2
2014-11-19kill f_dentry usesAl Viro19-37/+31
2014-07-24CAPABILITIES: remove undefined caps from all processesEric Paris5-12/+13
2014-07-24commoncap: don't alloc the credential unless needed in cap_task_prctlTetsuo Handa1-42/+30
2013-08-31capabilities: allow nice if we are privilegedSerge Hallyn1-4/+4
2013-08-31userns: Allow PR_CAPBSET_DROP in a user namespace.Eric W. Biederman1-1/+1
2013-02-26kill f_vfsmntAl Viro5-6/+5
2012-12-14Fix cap_capable to only allow owners in the parent user namespace to have caps.Eric W. Biederman1-8/+17
2012-05-31split ->file_mmap() into ->mmap_addr()/->mmap_file()Al Viro11-78/+64
2012-05-31split cap_mmap_addr() out of cap_file_mmap()Al Viro5-13/+28
2012-05-24Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds85-605/+1787
2012-05-04Merge tag 'v3.4-rc5' into nextJames Morris811-5435/+7629
2012-05-03userns: Convert capabilities related permsion checksEric W. Biederman2-16/+28
2012-05-03userns: Store uid and gid values in struct cred with kuid_t and kgid_t typesEric W. Biederman10-62/+59
2012-04-26userns: Simplify the user_namespace by making userns->creator a kuid.Eric W. Biederman4-29/+29
2012-04-19security: fix compile error in commoncap.cJonghwan Choi1-0/+1
2012-04-18fcaps: clear the same personality flags as suid when fcaps are usedEric Paris1-0/+5
2012-04-14Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privsAndy Lutomirski8-4/+55
2012-04-07userns: Add an explicit reference to the parent user namespaceEric W. Biederman3-8/+8
2012-04-07userns: Use cred->user_ns instead of cred->user->user_nsEric W. Biederman12-24/+24
2012-02-13security: trim security.hAl Viro19-26/+66
2012-01-15Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-securityLinus Torvalds24-189/+120
2012-01-05security: remove the security_netlink_recv hook as it is equivalent to capable()Eric Paris14-58/+10
2012-01-05capabilities: remove the task from capable LSM hook entirelyEric Paris5-39/+31
2011-08-15capabilities: initialize has_capSerge Hallyn1-1/+1
2011-08-12capabilities: do not grant full privs for setuid w/ file caps + no effective ...Zhi Li1-6/+10
2011-04-04capabilities: do not special case exec of initEric Paris1-9/+4
2011-03-24userns: allow ptrace from non-init user namespacesSerge E. Hallyn3-20/+49
2011-03-24userns: security: make capabilities relative to the user namespaceSerge E. Hallyn10-46/+144
2011-03-16Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds1143-38046/+118741
2011-03-03netlink: kill eff_cap from struct netlink_skb_parmsPatrick McHardy7-13/+5
2011-02-02time: Correct the *settime* parametersRichard Cochran9-15/+18
2010-11-15capabilities/syslog: open code cap_syslog logic to fix build failureEric Paris7-40/+28
2010-11-12Restrict unprivileged access to kernel syslogDan Rosenberg6-0/+44
2010-10-20security: remove unused parameter from security_task_setscheduler()KOSAKI Motohiro8-26/+17
2010-08-18Make do_execve() take a const filename pointerDavid Howells50-98/+179
[next]
generated by cgit at 2024-05-18 16:21:52 (GMT)