1. dc32b5c capabilities: fix buffer overread on very short xattr by Eric Biggers · 7 years ago
  2. 55b3a0c Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 7 years ago
  3. dbbbe11 capabilities: audit log other surprising conditions by Richard Guy Briggs · 7 years ago
  4. 588fb2c capabilities: fix logic for effective root or real root by Richard Guy Briggs · 7 years ago
  5. c0d1ade capabilities: invert logic for clarity by Richard Guy Briggs · 7 years ago
  6. 02ebbaf capabilities: remove a layer of conditional logic by Richard Guy Briggs · 7 years ago
  7. 9fbc2c7 capabilities: move audit log decision to function by Richard Guy Briggs · 7 years ago
  8. 81a6a01 capabilities: use intuitive names for id changes by Richard Guy Briggs · 7 years ago
  9. 9304b46 capabilities: use root_priveleged inline to clarify logic by Richard Guy Briggs · 7 years ago
  10. fc7eadf capabilities: rename has_cap to has_fcap by Richard Guy Briggs · 7 years ago
  11. 4c7e715 capabilities: intuitive names for cap gain status by Richard Guy Briggs · 7 years ago
  12. db1a892 capabilities: factor out cap_bprm_set_creds privileged root by Richard Guy Briggs · 7 years ago
  13. 76ba89c7 commoncap: move assignment of fs_ns to avoid null pointer dereference by Colin Ian King · 7 years ago
  14. a302824 Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security by Linus Torvalds · 7 years ago
  15. ab5348c security: fix description of values returned by cap_inode_need_killpriv by Stefan Berger · 7 years ago
  16. dd198ce Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace by Linus Torvalds · 7 years ago
  17. 8db6c34 Introduce v3 namespaced file capabilities by Serge E. Hallyn · 8 years ago
  18. ee67ae7 commoncap: Move cap_elevated calculation into bprm_set_creds by Kees Cook · 7 years ago
  19. 46d98eb commoncap: Refactor to remove bprm_secureexec hook by Kees Cook · 7 years ago
  20. 64db4c7 security: Use user_namespace::level to avoid redundant iterations in cap_capable() by Kirill Tkhai · 8 years ago
  21. ca97d93 security: mark LSM hooks as __ro_after_init by James Morris · 8 years ago
  22. f1ef09f Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace by Linus Torvalds · 8 years ago
  23. 9227dd2 exec: Remove LSM_UNSAFE_PTRACE_CAP by Eric W. Biederman · 8 years ago
  24. 2052313 exec: Test the ptracer's saved cred to see if the tracee can gain caps by Eric W. Biederman · 8 years ago
  25. 7016942 exec: Don't reset euid and egid when the tracee has CAP_SETUID by Eric W. Biederman · 8 years ago
  26. d69dece5 LSM: Add /sys/kernel/security/lsm by Casey Schaufler · 8 years ago
  27. 5d6c319 xattr: Add __vfs_{get,set,remove}xattr helpers by Andreas Gruenbacher · 8 years ago
  28. 380cf5b fs: Treat foreign mounts as nosuid by Andy Lutomirski · 9 years ago
  29. d07b846 fs: Limit file caps to the user namespace of the super block by Seth Forshee · 9 years ago
  30. 7f427d3 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs by Linus Torvalds · 9 years ago
  31. 457db29 security: Introduce security_settime64() by Baolin Wang · 9 years ago
  32. ce23e64 ->getxattr(): pass dentry and inode as separate arguments by Al Viro · 9 years ago
  33. caaee62 ptrace: use fsuid, fsgid, effective creds for fs access checks by Jann Horn · 9 years ago
  34. 746bf6d capabilities: add a securebit to disable PR_CAP_AMBIENT_RAISE by Andy Lutomirski · 9 years ago
  35. 5831905 capabilities: ambient capabilities by Andy Lutomirski · 9 years ago
  36. b1d9e6b LSM: Switch to lists of hooks by Casey Schaufler · 10 years ago
  37. c6f493d VFS: security/: d_backing_inode() annotations by David Howells · 10 years ago
  38. f4a4a8b file->f_path.dentry is pinned down for as long as the file is open... by Al Viro · 10 years ago
  39. b583043 kill f_dentry uses by Al Viro · 10 years ago
  40. 7d8b6c6 CAPABILITIES: remove undefined caps from all processes by Eric Paris · 10 years ago
  41. 6d6f332 commoncap: don't alloc the credential unless needed in cap_task_prctl by Tetsuo Handa · 10 years ago
  42. f54fb86 capabilities: allow nice if we are privileged by Serge Hallyn · 11 years ago
  43. 160da84 userns: Allow PR_CAPBSET_DROP in a user namespace. by Eric W. Biederman · 11 years ago
  44. 182be68 kill f_vfsmnt by Al Viro · 12 years ago
  45. 520d9ea Fix cap_capable to only allow owners in the parent user namespace to have caps. by Eric W. Biederman · 12 years ago
  46. e546785 split ->file_mmap() into ->mmap_addr()/->mmap_file() by Al Viro · 13 years ago
  47. d007794 split cap_mmap_addr() out of cap_file_mmap() by Al Viro · 13 years ago
  48. 644473e Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace by Linus Torvalds · 13 years ago
  49. 898bfc1 Merge tag 'v3.4-rc5' into next by James Morris · 13 years ago
  50. 18815a1 userns: Convert capabilities related permsion checks by Eric W. Biederman · 13 years ago
  51. 078de5f userns: Store uid and gid values in struct cred with kuid_t and kgid_t types by Eric W. Biederman · 13 years ago
  52. 783291e userns: Simplify the user_namespace by making userns->creator a kuid. by Eric W. Biederman · 13 years ago
  53. 51b79be security: fix compile error in commoncap.c by Jonghwan Choi · 13 years ago
  54. d52fc5d fcaps: clear the same personality flags as suid when fcaps are used by Eric Paris · 13 years ago
  55. 259e5e6 Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs by Andy Lutomirski · 13 years ago
  56. aeb3ae9 userns: Add an explicit reference to the parent user namespace by Eric W. Biederman · 13 years ago
  57. c4a4d60 userns: Use cred->user_ns instead of cred->user->user_ns by Eric W. Biederman · 13 years ago
  58. 4040153 security: trim security.h by Al Viro · 13 years ago
  59. c49c41a Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-security by Linus Torvalds · 13 years ago
  60. fd77846 security: remove the security_netlink_recv hook as it is equivalent to capable() by Eric Paris · 13 years ago
  61. 6a9de49 capabilities: remove the task from capable LSM hook entirely by Eric Paris · 13 years ago
  62. 7d8db18 capabilities: initialize has_cap by Serge Hallyn · 13 years ago
  63. 4d49f67 capabilities: do not grant full privs for setuid w/ file caps + no effective caps by Zhi Li · 13 years ago
  64. 4bf2ea7 capabilities: do not special case exec of init by Eric Paris · 14 years ago
  65. 8409cca userns: allow ptrace from non-init user namespaces by Serge E. Hallyn · 14 years ago
  66. 3486740 userns: security: make capabilities relative to the user namespace by Serge E. Hallyn · 14 years ago
  67. 7a63628 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 by Linus Torvalds · 14 years ago
  68. 01a16b2 netlink: kill eff_cap from struct netlink_skb_parms by Patrick McHardy · 14 years ago
  69. 1e6d767 time: Correct the *settime* parameters by Richard Cochran · 14 years ago
  70. 12b3052 capabilities/syslog: open code cap_syslog logic to fix build failure by Eric Paris · 14 years ago
  71. eaf06b2 Restrict unprivileged access to kernel syslog by Dan Rosenberg · 14 years ago
  72. b0ae198 security: remove unused parameter from security_task_setscheduler() by KOSAKI Motohiro · 14 years ago
  73. d762746 Make do_execve() take a const filename pointer by David Howells · 14 years ago
  74. c5b60b5 security: whitespace coding style fixes by Justin P. Mattock · 15 years ago
  75. 6f262d8 Security: Fix the comment of cap_file_mmap() by wzt.wzt@gmail.com · 15 years ago
  76. f40a708 syslog: clean up needless comment by Kees Cook · 15 years ago
  77. d78ca3c syslog: use defined constants instead of raw numbers by Kees Cook · 15 years ago
  78. 0023459 syslog: distinguish between /proc/kmsg and syscalls by Kees Cook · 15 years ago
  79. b3a222e remove CONFIG_SECURITY_FILE_CAPABILITIES compile option by Serge E. Hallyn · 15 years ago
  80. 3e1c251 security: remove root_plug by James Morris · 15 years ago
  81. a2551df7 Security/SELinux: seperate lsm specific mmap_min_addr by Eric Paris · 15 years ago
  82. 7c73875 Capabilities: move cap_file_mmap to commoncap.c by Eric Paris · 15 years ago
  83. 9e48858 security: rename ptrace_may_access => ptrace_access_check by Ingo Molnar · 16 years ago
  84. d254117 Merge branch 'master' into next by James Morris · 16 years ago
  85. 5bf37ec cap_prctl: don't set error to 0 at 'no_change' by Serge E. Hallyn · 16 years ago
  86. b5f22a5 don't raise all privs on setuid-root file with fE set (v2) by Serge E. Hallyn · 16 years ago
  87. ac8cc0f Merge branch 'next' into for-linus by James Morris · 16 years ago
  88. 3699c53 CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3] by David Howells · 16 years ago
  89. 29881c4 Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]" by James Morris · 16 years ago
  90. acfa438 inode->i_op is never NULL by Al Viro · 16 years ago
  91. 14eaddc CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2] by David Howells · 16 years ago
  92. e50a906 capabilities: define get_vfs_caps_from_disk when file caps are not enabled by Eric Paris · 16 years ago
  93. 1d04598 CRED: Prettify commoncap.c by David Howells · 16 years ago
  94. a6f76f2 CRED: Make execve() take advantage of copy-on-write credentials by David Howells · 16 years ago
  95. d84f4f9 CRED: Inaugurate COW credentials by David Howells · 16 years ago
  96. c69e8d9 CRED: Use RCU to access another task's creds and to release a task's own creds by David Howells · 16 years ago
  97. 86a264a CRED: Wrap current->cred and a few other accessors by David Howells · 16 years ago
  98. b6dff3e CRED: Separate task security context from task_struct by David Howells · 16 years ago
  99. 15a2460 CRED: Constify the kernel_cap_t arguments to the capset LSM hooks by David Howells · 16 years ago
  100. 1cdcbec CRED: Neuter sys_capset() by David Howells · 16 years ago