Show patches with: none      |   4765 patches
« 1 2 ... 45 46 47 48 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v4,07/21] selinux: Add support for unprivileged mounts from user namespaces 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,06/21] fs: Treat foreign mounts as nosuid 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,05/21] block_dev: Check permissions towards block device inode when mounting 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,01/21] fs: fix a posible leak of allocated superblock 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,19/21] fuse: Support fuse filesystems outside of init_user_ns - - - 0 0 0 2016-04-26 Seth Forshee New
[v4,18/21] fuse: Add support for pid namespaces 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,16/21] fs: Allow superblock owner to access do_remount_sb() 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,13/21] fs: Update posix_acl support to handle user namespace mounts 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,11/21] cred: Reject inodes with invalid ids in set_create_file_as() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,10/21] fs: Check for invalid i_uid in may_follow_link() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,08/21] userns: Replace in_userns with current_in_userns 2 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,04/21] block_dev: Support checking inode permissions in lookup_bdev() 1 - - 0 0 0 2016-04-26 Seth Forshee New
[v4,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-26 Seth Forshee New
selinux: Build policy on systems not supporting DCCP protocol - - - 0 0 0 2016-04-24 Richard Haines Accepted
[v2,8/8] genhomedircon: fix FALLBACK_NAME regex - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,7/8] genhomedircon: write contexts for username and userid - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,6/8] genhomedircon: make USERID, USERNAME context lists - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,5/8] genhomedircon: Add uid and gid to struct user_entry - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,4/8] genhomedircon: make all write context funcs take user_entry struct - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,3/8] genhomedircon: rename FALLBACK #defines consistent with struct - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,2/8] genhomedircon: move fallback user to genhomedircon_user_entry_t - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v2,1/8] genhomedircon: factor out common replacement code - - - 0 0 0 2016-04-23 Jason Zaman Superseded
[v3,21/21] fuse: Allow user namespace mounts - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,18/21] fuse: Add support for pid namespaces - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,17/21] capabilities: Allow privileged user in s_user_ns to set security.* xattrs - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,16/21] fs: Allow superblock owner to access do_remount_sb() - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,14/21] fs: Allow superblock owner to change ownership of inodes with unmappable ids - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,13/21] fs: Update posix_acl support to handle user namespace mounts - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,12/21] fs: Refuse uid/gid changes which don't map into s_user_ns - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,11/21] cred: Reject inodes with invalid ids in set_create_file_as() - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,10/21] fs: Check for invalid i_uid in may_follow_link() - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,09/21] Smack: Handle labels consistently in untrusted mounts - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,08/21] userns: Replace in_userns with current_in_userns - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,07/21] selinux: Add support for unprivileged mounts from user namespaces - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,06/21] fs: Treat foreign mounts as nosuid - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,04/21] block_dev: Support checking inode permissions in lookup_bdev() - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,03/21] fs: Allow sysfs and cgroupfs to share super blocks between user namespaces - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,02/21] fs: Remove check of s_user_ns for existing mounts in fs_fully_visible() - - - 0 0 0 2016-04-22 Seth Forshee Superseded
[v3,01/21] fs: fix a posible leak of allocated superblock - - - 0 0 0 2016-04-22 Seth Forshee Superseded
Fix extended permissions neverallow checking - - - 0 0 0 2016-04-20 Jeffrey Vander Stoep Accepted
selinux: check ss_initialized before revalidating an inode label - - - 0 0 0 2016-04-19 Paul Moore Accepted
selinux: delay inode label lookup as long as possible - - - 0 0 0 2016-04-19 Paul Moore Accepted
selinux: don't revalidate an inode's label when explicitly setting it - - - 0 0 0 2016-04-19 Paul Moore Accepted
[6/6] libsepol: When generating CIL use HLL line mark for neverallows - - - 0 0 0 2016-04-19 James Carter Rejected
[5/6] libsepol/cil: Remove path field from cil_tree_node struct - - - 0 0 0 2016-04-19 James Carter Rejected
[4/6] libsepol/cil: Replace cil_log() calls with cil_tree_log() - - - 0 0 0 2016-04-19 James Carter Rejected
[3/6] libsepol/cil: Add cil_tree_log() and supporting functions - - - 0 0 0 2016-04-19 James Carter Rejected
[2/6] libsepol/cil: Store CIL filename in parse tree and AST - - - 0 0 0 2016-04-19 James Carter Rejected
[1/6] libsepol/cil: Add high-level language line marking support - - - 0 0 0 2016-04-19 James Carter Rejected
security/selinux: Change bool variable name to index. - - - 0 0 0 2016-04-14 Prarit Bhargava Accepted
[RFC] selinux: always return a value from the netport/netnode/netif caches - - - 0 0 0 2016-04-13 Paul Moore Rejected
[3/3] libsepol/cil: Cleanup neverallow checking and fail if bounds checking fails - - - 0 0 0 2016-04-13 James Carter Accepted
[2/3] libsepol/cil: Improve type bounds check reporting - - - 0 0 0 2016-04-13 James Carter Accepted
[1/3] libsepol/cil: Fixed bug in cil_type_match_any() - - - 0 0 0 2016-04-13 James Carter Accepted
fixfiles: make sure $LOGFILE starts with a slash - - - 0 0 0 2016-04-12 Oskari Saarenmaa Not Applicable
selinux-testsuite: Update README - - - 0 0 0 2016-04-12 Stephen Smalley Accepted
libselinux: Fix typo in sefcontext_compile.8 - - - 0 0 0 2016-04-12 Petr Lautrbach Accepted
selinux: apply execstack check on thread stacks - - - 0 0 0 2016-04-08 Stephen Smalley Accepted
selinux: distinguish non-init user namespace capability checks - - - 0 0 0 2016-04-08 Stephen Smalley Accepted
[7/7] genhomedircon: write contexts for username and userid - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[6/7] genhomedircon: make USERID, USERNAME context lists - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[5/7] genhomedircon: Add uid and gid to struct user_entry - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[4/7] genhomedircon: make all write context funcs take user_entry struct - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[3/7] genhomedircon: rename FALLBACK #defines consistent with struct - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[2/7] genhomedircon: move fallback user to genhomedircon_user_entry_t - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[1/7] genhomedircon: factor out common replacement code - - - 0 0 0 2016-04-08 Jason Zaman Superseded
[2/2,v3] checkpolicy: Fail if module name different than output base filename - - - 0 0 0 2016-04-08 James Carter Accepted
[1/2,v3] policycoreutils/hll/pp: Warn if module name different than output filename - - - 0 0 0 2016-04-08 James Carter Accepted
[net-next] security: drop the unused hook skb_owned_by - - - 0 0 0 2016-04-08 Paolo Abeni Accepted
[2/2,v2] checkpolicy: Warn if module name different than output filename - - - 0 0 0 2016-04-07 James Carter Superseded
[1/2,v2] policycoreutils/hll/pp: Warn if module name different than output filename - - - 0 0 0 2016-04-07 James Carter Superseded
[RFC] selinux-testsuite: Add test for execstack on thread stack - - - 0 0 0 2016-04-06 Stephen Smalley Superseded
[RFC] selinux: apply execstack check on thread stacks - - - 0 0 0 2016-04-06 Stephen Smalley Superseded
[RFC] selinux-testsuite: Add tests for non-init userns capability checks - - - 0 0 0 2016-04-06 Stephen Smalley Superseded
[RFC] selinux-testsuite: Add tests for non-init userns capability checks - - - 0 0 0 2016-04-06 Stephen Smalley Superseded
[RFC] selinux: distinguish non-init user namespace capability checks - - - 0 0 0 2016-04-06 Stephen Smalley Superseded
selinux: Add support for portcon dccp protocol - - - 0 0 0 2016-04-06 Richard Haines Accepted
cil_mem.c: #define _GNU_SOURCE - - - 0 0 0 2016-04-06 Nick Kralevich Rejected
[v3] selinux: restrict kernel module loading - - - 0 0 0 2016-04-05 Jeffrey Vander Stoep Accepted
[v2] selinux: restrict kernel module loading - - - 0 0 0 2016-04-03 Jeffrey Vander Stoep Superseded
selinux: restrict kernel module loading - - - 0 0 0 2016-04-01 Jeffrey Vander Stoep Superseded
selinux: consolidate the ptrace parent lookup code - - - 0 0 0 2016-04-01 Paul Moore Accepted
selinux: simply inode label states to INVALID and INITIALIZED - - - 0 0 0 2016-03-28 Paul Moore Accepted
selinux: don't revalidate inodes in selinux_socket_getpeersec_dgram() - - - 0 0 0 2016-03-28 Paul Moore Accepted
[RESEND,v2,11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes - - - 0 0 0 2016-03-28 Seth Forshee Superseded
netlabel: fix a problem with netlbl_secattr_catmap_setrng() - - - 0 0 0 2016-03-28 Paul Moore Accepted
[3/3] checkpolicy: Warn if module name different than filenames - - - 0 0 0 2016-03-25 James Carter Superseded
[2/3] policycoreutils/hll/pp: Warn if module name different from filenames - - - 0 0 0 2016-03-25 James Carter Superseded
[1/3] libsepol: Add function to check if module name matches filename - - - 0 0 0 2016-03-25 James Carter Superseded
Just sent a small patch to github to fix the selinuxfs man pages. - - - 0 0 0 2016-03-25 Daniel Walsh Accepted
selinux: fix memory leak on node_ptr on error return path - - - 0 0 0 2016-03-21 Colin Ian King Rejected
policycoreutils/sepolgen: Add support for TYPEBOUNDS statement in INTERFACE policy files. - - - 0 0 0 2016-03-21 Miroslav Grepl Accepted
libsepol/cil: fix bug when resetting class permission values - - - 0 0 0 2016-03-17 Steve Lawrence Accepted
fs: remove excess check for in_userns - - - 0 0 0 2016-03-15 Pavel Tikhomirov Not Applicable
fs: fix a posible leak of allocated superblock - - - 0 0 0 2016-03-15 Pavel Tikhomirov Not Applicable
libselinux: only mount /proc if necessary - - - 0 0 0 2016-02-29 Stephen Smalley Accepted
« 1 2 ... 45 46 47 48 »