linux-stable/apparmor at 77b513dda90fd99bd1225410b25e745b74779c1c - linux-stable - MyRedstone

Kernel/linux-stable

mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-10 07:00:48 +00:00

History

John Johansen c29bceb396 Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS

Add support for AppArmor to explicitly fail requested domain transitions
if NO_NEW_PRIVS is set and the task is not unconfined.

Transitions from unconfined are still allowed because this always results
in a reduction of privileges.

Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Will Drewry <wad@chromium.org>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>

v18: new acked-by, new description
Signed-off-by: James Morris <james.l.morris@oracle.com>

2012-04-14 11:13:18 +10:00

..

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

.gitignore

.gitignore: ignore apparmor/rlim_names.h

2010-10-21 10:12:35 +11:00

apparmorfs.c

AppArmor: export known rlimit names/value mappings in securityfs

2012-02-27 11:38:19 -08:00

audit.c

lsm_audit: don't specify the audit pre/post callbacks in 'struct common_audit_data'

2012-04-03 09:49:59 -07:00

capability.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

context.c

AppArmor: contexts used in attaching policy to system objects

2010-08-02 15:35:12 +10:00

domain.c

Fix execve behavior apparmor for PR_{GET,SET}_NO_NEW_PRIVS

2012-04-14 11:13:18 +10:00

file.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

ipc.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

Kconfig

apparmor: depends on NET

2010-08-05 07:36:51 -04:00

lib.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

lsm.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

Makefile

AppArmor: Fix location of const qualifier on generated string tables

2012-03-19 18:22:46 -07:00

match.c

AppArmor: Update dfa matching routines.

2012-03-14 06:15:24 -07:00

path.c

AppArmor: Move path failure information into aa_get_name and rename

2012-03-14 06:15:25 -07:00

policy_unpack.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

policy.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

procattr.c

apparmor: sparse fix: include procattr.h in procattr.c

2011-09-09 16:56:29 -07:00

resource.c

LSM: shrink sizeof LSM specific portion of common_audit_data

2012-04-03 09:48:40 -07:00

sid.c

AppArmor: core policy routines

2010-08-02 15:38:37 +10:00