kernel-ark

History

Stephen Smalley 242631c49d selinux: simplify ioctl checking Simplify and improve the robustness of the SELinux ioctl checking by using the "access mode" bits of the ioctl command to determine the permission check rather than dealing with individual command values. This removes any knowledge of specific ioctl commands from SELinux and follows the same guidance we gave to Smack earlier. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>		2008-07-14 15:01:53 +10:00
..
keys	keys: remove unused key_alloc_sem	2008-06-06 11:29:11 -07:00
selinux	selinux: simplify ioctl checking	2008-07-14 15:01:53 +10:00
smack	Security: split proc ptrace checking into read vs. attach	2008-07-14 15:01:47 +10:00
capability.c	capabilities: implement per-process securebits	2008-04-28 08:58:26 -07:00
commoncap.c	Security: split proc ptrace checking into read vs. attach	2008-07-14 15:01:47 +10:00
device_cgroup.c	devcgroup: fix permission check when adding entry to child cgroup	2008-07-13 12:51:18 -07:00
dummy.c	Security: split proc ptrace checking into read vs. attach	2008-07-14 15:01:47 +10:00
inode.c
Kconfig	security: enhance DEFAULT_MMAP_MIN_ADDR description	2008-04-18 20:26:18 +10:00
Makefile	cgroups: implement device whitelist	2008-04-29 08:06:09 -07:00
root_plug.c	root_plug: use cap_task_prctl	2008-04-28 08:58:27 -07:00
security.c	Security: split proc ptrace checking into read vs. attach	2008-07-14 15:01:47 +10:00