linux/security
Casey Schaufler b4e0d5f079 Smack: UDS revision
This patch addresses a number of long standing issues
    with the way Smack treats UNIX domain sockets.

    All access control was being done based on the label of
    the file system object. This is inconsistant with the
    internet domain, in which access is done based on the
    IPIN and IPOUT attributes of the socket. As a result
    of the inode label policy it was not possible to use
    a UDS socket for label cognizant services, including
    dbus and the X11 server.

    Support for SCM_PEERSEC on UDS sockets is also provided.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-11-29 09:04:35 +11:00
..
apparmor APPARMOR: Fix memory leak of apparmor_init() 2010-11-11 07:36:22 +11:00
integrity/ima IMA: fix the ToMToU logic 2010-10-26 11:37:19 -07:00
keys keys: add new key-type encrypted 2010-11-29 08:55:29 +11:00
selinux security: Define CAP_SYSLOG 2010-11-29 08:35:12 +11:00
smack Smack: UDS revision 2010-11-29 09:04:35 +11:00
tomoyo fs: take dcache_lock inside __d_path 2010-10-25 21:26:12 -04:00
capability.c capabilities/syslog: open code cap_syslog logic to fix build failure 2010-11-15 15:40:01 -08:00
commoncap.c capabilities/syslog: open code cap_syslog logic to fix build failure 2010-11-15 15:40:01 -08:00
device_cgroup.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
Kconfig keys: add new key-type encrypted 2010-11-29 08:55:29 +11:00
lsm_audit.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
Makefile AppArmor: Enable configuring and building of the AppArmor security module 2010-08-02 15:38:34 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c capabilities/syslog: open code cap_syslog logic to fix build failure 2010-11-15 15:40:01 -08:00