Gitiles
Code Review
Sign In
review.shift-gmbh.com
/
SHIFTPHONES
/
mainline
/
linux
/
dc32b5c3e6e2ef29cef76d9ce1b92d394446150e
/
security
/
commoncap.c
dc32b5c
capabilities: fix buffer overread on very short xattr
by Eric Biggers
· 7 years ago
55b3a0c
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 7 years ago
dbbbe11
capabilities: audit log other surprising conditions
by Richard Guy Briggs
· 7 years ago
588fb2c
capabilities: fix logic for effective root or real root
by Richard Guy Briggs
· 7 years ago
c0d1ade
capabilities: invert logic for clarity
by Richard Guy Briggs
· 7 years ago
02ebbaf
capabilities: remove a layer of conditional logic
by Richard Guy Briggs
· 7 years ago
9fbc2c7
capabilities: move audit log decision to function
by Richard Guy Briggs
· 7 years ago
81a6a01
capabilities: use intuitive names for id changes
by Richard Guy Briggs
· 7 years ago
9304b46
capabilities: use root_priveleged inline to clarify logic
by Richard Guy Briggs
· 7 years ago
fc7eadf
capabilities: rename has_cap to has_fcap
by Richard Guy Briggs
· 7 years ago
4c7e715
capabilities: intuitive names for cap gain status
by Richard Guy Briggs
· 7 years ago
db1a892
capabilities: factor out cap_bprm_set_creds privileged root
by Richard Guy Briggs
· 7 years ago
76ba89c7
commoncap: move assignment of fs_ns to avoid null pointer dereference
by Colin Ian King
· 7 years ago
a302824
Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
by Linus Torvalds
· 7 years ago
ab5348c
security: fix description of values returned by cap_inode_need_killpriv
by Stefan Berger
· 7 years ago
dd198ce
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 7 years ago
8db6c34
Introduce v3 namespaced file capabilities
by Serge E. Hallyn
· 8 years ago
ee67ae7
commoncap: Move cap_elevated calculation into bprm_set_creds
by Kees Cook
· 7 years ago
46d98eb
commoncap: Refactor to remove bprm_secureexec hook
by Kees Cook
· 7 years ago
64db4c7
security: Use user_namespace::level to avoid redundant iterations in cap_capable()
by Kirill Tkhai
· 8 years ago
ca97d93
security: mark LSM hooks as __ro_after_init
by James Morris
· 8 years ago
f1ef09f
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 8 years ago
9227dd2
exec: Remove LSM_UNSAFE_PTRACE_CAP
by Eric W. Biederman
· 8 years ago
2052313
exec: Test the ptracer's saved cred to see if the tracee can gain caps
by Eric W. Biederman
· 8 years ago
7016942
exec: Don't reset euid and egid when the tracee has CAP_SETUID
by Eric W. Biederman
· 8 years ago
d69dece5
LSM: Add /sys/kernel/security/lsm
by Casey Schaufler
· 8 years ago
5d6c319
xattr: Add __vfs_{get,set,remove}xattr helpers
by Andreas Gruenbacher
· 8 years ago
380cf5b
fs: Treat foreign mounts as nosuid
by Andy Lutomirski
· 9 years ago
d07b846
fs: Limit file caps to the user namespace of the super block
by Seth Forshee
· 9 years ago
7f427d3
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
by Linus Torvalds
· 9 years ago
457db29
security: Introduce security_settime64()
by Baolin Wang
· 9 years ago
ce23e64
->getxattr(): pass dentry and inode as separate arguments
by Al Viro
· 9 years ago
caaee62
ptrace: use fsuid, fsgid, effective creds for fs access checks
by Jann Horn
· 9 years ago
746bf6d
capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISE
by Andy Lutomirski
· 9 years ago
5831905
capabilities: ambient capabilities
by Andy Lutomirski
· 9 years ago
b1d9e6b
LSM: Switch to lists of hooks
by Casey Schaufler
· 10 years ago
c6f493d
VFS: security/: d_backing_inode() annotations
by David Howells
· 10 years ago
f4a4a8b
file->f_path.dentry is pinned down for as long as the file is open...
by Al Viro
· 10 years ago
b583043
kill f_dentry uses
by Al Viro
· 10 years ago
7d8b6c6
CAPABILITIES: remove undefined caps from all processes
by Eric Paris
· 10 years ago
6d6f332
commoncap: don't alloc the credential unless needed in cap_task_prctl
by Tetsuo Handa
· 10 years ago
f54fb86
capabilities: allow nice if we are privileged
by Serge Hallyn
· 11 years ago
160da84
userns: Allow PR_CAPBSET_DROP in a user namespace.
by Eric W. Biederman
· 11 years ago
182be68
kill f_vfsmnt
by Al Viro
· 12 years ago
520d9ea
Fix cap_capable to only allow owners in the parent user namespace to have caps.
by Eric W. Biederman
· 12 years ago
e546785
split ->file_mmap() into ->mmap_addr()/->mmap_file()
by Al Viro
· 13 years ago
d007794
split cap_mmap_addr() out of cap_file_mmap()
by Al Viro
· 13 years ago
644473e
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
by Linus Torvalds
· 13 years ago
898bfc1
Merge tag 'v3.4-rc5' into next
by James Morris
· 13 years ago
18815a1
userns: Convert capabilities related permsion checks
by Eric W. Biederman
· 13 years ago
078de5f
userns: Store uid and gid values in struct cred with kuid_t and kgid_t types
by Eric W. Biederman
· 13 years ago
783291e
userns: Simplify the user_namespace by making userns->creator a kuid.
by Eric W. Biederman
· 13 years ago
51b79be
security: fix compile error in commoncap.c
by Jonghwan Choi
· 13 years ago
d52fc5d
fcaps: clear the same personality flags as suid when fcaps are used
by Eric Paris
· 13 years ago
259e5e6
Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs
by Andy Lutomirski
· 13 years ago
aeb3ae9
userns: Add an explicit reference to the parent user namespace
by Eric W. Biederman
· 13 years ago
c4a4d60
userns: Use cred->user_ns instead of cred->user->user_ns
by Eric W. Biederman
· 13 years ago
4040153
security: trim security.h
by Al Viro
· 13 years ago
c49c41a
Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security
by Linus Torvalds
· 13 years ago
fd77846
security: remove the security_netlink_recv hook as it is equivalent to capable()
by Eric Paris
· 13 years ago
6a9de49
capabilities: remove the task from capable LSM hook entirely
by Eric Paris
· 13 years ago
7d8db18
capabilities: initialize has_cap
by Serge Hallyn
· 13 years ago
4d49f67
capabilities: do not grant full privs for setuid w/ file caps + no effective caps
by Zhi Li
· 13 years ago
4bf2ea7
capabilities: do not special case exec of init
by Eric Paris
· 14 years ago
8409cca
userns: allow ptrace from non-init user namespaces
by Serge E. Hallyn
· 14 years ago
3486740
userns: security: make capabilities relative to the user namespace
by Serge E. Hallyn
· 14 years ago
7a63628
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6
by Linus Torvalds
· 14 years ago
01a16b2
netlink: kill eff_cap from struct netlink_skb_parms
by Patrick McHardy
· 14 years ago
1e6d767
time: Correct the *settime* parameters
by Richard Cochran
· 14 years ago
12b3052
capabilities/syslog: open code cap_syslog logic to fix build failure
by Eric Paris
· 14 years ago
eaf06b2
Restrict unprivileged access to kernel syslog
by Dan Rosenberg
· 14 years ago
b0ae198
security: remove unused parameter from security_task_setscheduler()
by KOSAKI Motohiro
· 14 years ago
d762746
Make do_execve() take a const filename pointer
by David Howells
· 14 years ago
c5b60b5
security: whitespace coding style fixes
by Justin P. Mattock
· 15 years ago
6f262d8
Security: Fix the comment of cap_file_mmap()
by wzt.wzt@gmail.com
· 15 years ago
f40a708
syslog: clean up needless comment
by Kees Cook
· 15 years ago
d78ca3c
syslog: use defined constants instead of raw numbers
by Kees Cook
· 15 years ago
0023459
syslog: distinguish between /proc/kmsg and syscalls
by Kees Cook
· 15 years ago
b3a222e
remove CONFIG_SECURITY_FILE_CAPABILITIES compile option
by Serge E. Hallyn
· 15 years ago
3e1c251
security: remove root_plug
by James Morris
· 15 years ago
a2551df7
Security/SELinux: seperate lsm specific mmap_min_addr
by Eric Paris
· 15 years ago
7c73875
Capabilities: move cap_file_mmap to commoncap.c
by Eric Paris
· 15 years ago
9e48858
security: rename ptrace_may_access => ptrace_access_check
by Ingo Molnar
· 16 years ago
d254117
Merge branch 'master' into next
by James Morris
· 16 years ago
5bf37ec
cap_prctl: don't set error to 0 at 'no_change'
by Serge E. Hallyn
· 16 years ago
b5f22a5
don't raise all privs on setuid-root file with fE set (v2)
by Serge E. Hallyn
· 16 years ago
ac8cc0f
Merge branch 'next' into for-linus
by James Morris
· 16 years ago
3699c53
CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3]
by David Howells
· 16 years ago
29881c4
Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]"
by James Morris
· 16 years ago
acfa438
inode->i_op is never NULL
by Al Viro
· 16 years ago
14eaddc
CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]
by David Howells
· 16 years ago
e50a906
capabilities: define get_vfs_caps_from_disk when file caps are not enabled
by Eric Paris
· 16 years ago
1d04598
CRED: Prettify commoncap.c
by David Howells
· 16 years ago
a6f76f2
CRED: Make execve() take advantage of copy-on-write credentials
by David Howells
· 16 years ago
d84f4f9
CRED: Inaugurate COW credentials
by David Howells
· 16 years ago
c69e8d9
CRED: Use RCU to access another task's creds and to release a task's own creds
by David Howells
· 16 years ago
86a264a
CRED: Wrap current->cred and a few other accessors
by David Howells
· 16 years ago
b6dff3e
CRED: Separate task security context from task_struct
by David Howells
· 16 years ago
15a2460
CRED: Constify the kernel_cap_t arguments to the capset LSM hooks
by David Howells
· 16 years ago
1cdcbec
CRED: Neuter sys_capset()
by David Howells
· 16 years ago
Next »