kernel-ark/security/smack
Casey Schaufler b4e0d5f079 Smack: UDS revision
This patch addresses a number of long standing issues
    with the way Smack treats UNIX domain sockets.

    All access control was being done based on the label of
    the file system object. This is inconsistant with the
    internet domain, in which access is done based on the
    IPIN and IPOUT attributes of the socket. As a result
    of the inode label policy it was not possible to use
    a UDS socket for label cognizant services, including
    dbus and the X11 server.

    Support for SCM_PEERSEC on UDS sockets is also provided.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-11-29 09:04:35 +11:00
..
Kconfig Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
Makefile Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
smack_access.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
smack_lsm.c Smack: UDS revision 2010-11-29 09:04:35 +11:00
smack.h security: move LSM xattrnames to xattr.h 2010-08-02 15:34:57 +10:00
smackfs.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00