openssh

rpms/openssh

Fork 0

Commit Graph

Author	SHA1	Message	Date
Jakub Jelen	0ebe96b604	Handle root logins the same way as other users (#1269072 ) root users are unconfined by definition, but they can be limited by SELinux so having privilege separation still makes sense. As a consequence we can remove hunk that handled this condition if we skipped forking.	2015-10-22 14:52:55 +02:00
Jakub Jelen	22a08c3da4	Review SELinux user context handling after authentication (#1269072 ) The previous required to have for all SELInux user contexts with setexec capability. Otherwise user would not be able to change password if it is expired. This patch sets correct context and cleans up the exec context. When doing chroot, copy_selinux_context is called twice	2015-10-15 16:21:33 +02:00
Petr Lautrbach	94c6f8ddcc	rebase to openssh-6.6p1	2014-06-03 16:51:07 +02:00

Author

SHA1

Message

Date

Jakub Jelen

0ebe96b604

Handle root logins the same way as other users (#1269072 )

root users are unconfined by definition, but they can be limited by SELinux so having privilege separation still makes sense. As a consequence we can remove hunk that handled this condition if we skipped forking.

2015-10-22 14:52:55 +02:00

Jakub Jelen

22a08c3da4

Review SELinux user context handling after authentication (#1269072 )

The previous required to have for all SELInux user contexts with setexec capability. Otherwise user would not be able to change password if it is expired. This patch sets correct context and cleans up the exec context.

When doing chroot, copy_selinux_context is called twice

2015-10-15 16:21:33 +02:00

Petr Lautrbach

94c6f8ddcc

rebase to openssh-6.6p1

2014-06-03 16:51:07 +02:00

3 Commits