Commit message (Expand)AuthorAgeFilesLines
* security: Add proper checks for Android specific capability checksTushar Behera2013-02-191-0/+2
* security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable().Chia-chi Yeh2013-02-191-0/+9
* Fix cap_capable to only allow owners in the parent user namespace to have caps.Eric W. Biederman2012-12-141-8/+17
* split ->file_mmap() into ->mmap_addr()/->mmap_file()Al Viro2012-05-311-18/+3
* split cap_mmap_addr() out of cap_file_mmap()Al Viro2012-05-311-9/+23
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebi...Linus Torvalds2012-05-231-25/+36
| * userns: Convert capabilities related permsion checksEric W. Biederman2012-05-031-15/+26
| * userns: Store uid and gid values in struct cred with kuid_t and kgid_t typesEric W. Biederman2012-05-031-2/+1
| * userns: Simplify the user_namespace by making userns->creator a kuid.Eric W. Biederman2012-04-261-2/+3
| * userns: Add an explicit reference to the parent user namespaceEric W. Biederman2012-04-071-1/+1
| * userns: Use cred->user_ns instead of cred->user->user_nsEric W. Biederman2012-04-071-7/+7
* | Merge tag 'v3.4-rc5' into nextJames Morris2012-05-031-0/+6
|\ \
| * | security: fix compile error in commoncap.cJonghwan Choi2012-04-181-0/+1
| * | fcaps: clear the same personality flags as suid when fcaps are usedEric Paris2012-04-171-0/+5
| |/
* / Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privsAndy Lutomirski2012-04-131-2/+5
* security: trim security.hAl Viro2012-02-131-0/+1
* Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-securityLinus Torvalds2012-01-141-17/+7
| * security: remove the security_netlink_recv hook as it is equivalent to capable()Eric Paris2012-01-051-8/+0
| * capabilities: remove the task from capable LSM hook entirelyEric Paris2012-01-051-9/+7
* | capabilities: initialize has_capSerge Hallyn2011-08-151-1/+1
* | capabilities: do not grant full privs for setuid w/ file caps + no effective ...Zhi Li2011-08-121-6/+10
* capabilities: do not special case exec of initEric Paris2011-04-031-9/+4
* userns: allow ptrace from non-init user namespacesSerge E. Hallyn2011-03-231-8/+32
* userns: security: make capabilities relative to the user namespaceSerge E. Hallyn2011-03-231-7/+31
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6Linus Torvalds2011-03-161-2/+1
| * netlink: kill eff_cap from struct netlink_skb_parmsPatrick McHardy2011-03-031-2/+1
* | time: Correct the *settime* parametersRichard Cochran2011-02-021-1/+1
* capabilities/syslog: open code cap_syslog logic to fix build failureEric Paris2010-11-151-21/+0
* Restrict unprivileged access to kernel syslogDan Rosenberg2010-11-121-0/+2
* security: remove unused parameter from security_task_setscheduler()KOSAKI Motohiro2010-10-201-4/+1
* Make do_execve() take a const filename pointerDavid Howells2010-08-171-1/+1
* security: whitespace coding style fixesJustin P. Mattock2010-04-221-2/+2
* Security: Fix the comment of cap_file_mmap()wzt.wzt@gmail.com2010-04-191-1/+1
* syslog: clean up needless commentKees Cook2010-02-051-1/+0
* syslog: use defined constants instead of raw numbersKees Cook2010-02-031-2/+3
* syslog: distinguish between /proc/kmsg and syscallsKees Cook2010-02-031-1/+6
* remove CONFIG_SECURITY_FILE_CAPABILITIES compile optionSerge E. Hallyn2009-11-231-70/+2
* security: remove root_plugJames Morris2009-10-201-1/+1
* Security/SELinux: seperate lsm specific mmap_min_addrEric Paris2009-08-051-1/+1
* Capabilities: move cap_file_mmap to commoncap.cEric Paris2009-08-051-0/+30
* security: rename ptrace_may_access => ptrace_access_checkIngo Molnar2009-06-241-2/+2
* Merge branch 'master' into nextJames Morris2009-05-081-1/+0
| * cap_prctl: don't set error to 0 at 'no_change'Serge E. Hallyn2009-04-081-1/+0
* | don't raise all privs on setuid-root file with fE set (v2)Serge E. Hallyn2009-04-021-0/+32
* Merge branch 'next' into for-linusJames Morris2009-01-061-15/+14
| * CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3]David Howells2009-01-061-15/+14
| * Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() ...James Morris2009-01-061-29/+13
| * CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]David Howells2009-01-041-13/+29
* | inode->i_op is never NULLAl Viro2009-01-051-3/+3
* capabilities: define get_vfs_caps_from_disk when file caps are not enabledEric Paris2008-11-141-0/+6