Show patches with: Submitter = Stephen Smalley       |    Archived = No       |   331 patches
« 1 2 3 4 »
Patch Series A/R/T S/W/F Date Submitter Delegate State
[v2] selinux: Generalize support for NNP/nosuid SELinux domain transitions - - - --- 2017-07-24 Stephen Smalley Superseded
selinux-testsuite: Add tests for AT_SECURE - - - --- 2017-07-19 Stephen Smalley Accepted
[2/2] open_init_pty: restore stdin/stdout to blocking upon exit - - - --- 2017-07-18 Stephen Smalley Not Applicable
[1/2] Revert "open_init_pty: Do not make stdin and stdout non-blocking" - - - --- 2017-07-18 Stephen Smalley Not Applicable
libsepol: Define nnp_nosuid_transition policy capability - - - --- 2017-07-14 Stephen Smalley Not Applicable
selinux: Generalize support for NNP/nosuid SELinux domain transitions - - - --- 2017-07-14 Stephen Smalley Superseded
[RFC] selinux: Introduce a policy capability and permission for NNP transitions - - - --- 2017-07-10 Stephen Smalley Superseded
open_init_pty: Do not make stdin and stdout non-blocking - - - --- 2017-07-10 Stephen Smalley Not Applicable
libselinux,libsemanage: fix RUBYLIBS definition - - - --- 2017-06-28 Stephen Smalley Not Applicable
Fix BINDIR/SBINDIR/... variables in Makefiles - - - --- 2017-06-20 Stephen Smalley Not Applicable
[RFC] Make BINDIR/SBINDIR/USRSBINDIR definition and usage consistent. - - - --- 2017-06-19 Stephen Smalley Not Applicable
libselinux: always unmount selinuxfs for SELINUX=disabled - - - --- 2017-06-09 Stephen Smalley Not Applicable
libselinux: fix selabel_lookup*() double slash bug - - - --- 2017-06-01 Stephen Smalley Not Applicable
[3/3] libsepol: Fix alloc-size-larger-than warning from gcc 7 - - - --- 2017-05-31 Stephen Smalley Not Applicable
[2/3] libsemanage: Fix snprintf warnings from gcc 7 - - - --- 2017-05-31 Stephen Smalley Not Applicable
[1/3] libsepol, libsemanage, libselinux: Fix fallthrough warnings from gcc 7 - - - --- 2017-05-31 Stephen Smalley Not Applicable
sort input files - - - --- 2017-05-30 Stephen Smalley Not Applicable
python/semanage: print is a function in python3 - - - --- 2017-05-26 Stephen Smalley Not Applicable
selinux-testsuite: allow more instances of map permission - - - --- 2017-05-25 Stephen Smalley Accepted
selinux: log policy capability state when a policy is loaded - - - --- 2017-05-18 Stephen Smalley Accepted
selinux-testsuite: Test ioctl xperms - - - --- 2017-05-17 Stephen Smalley Accepted
[v2] libsepol, checkpolicy: add binary module support for xperms - - - --- 2017-05-16 Stephen Smalley Not Applicable
libsepol,checkpolicy: add binary module support for xperms - - - --- 2017-05-15 Stephen Smalley Not Applicable
[v2] selinux: log policy capability state when a policy is loaded - - - --- 2017-05-12 Stephen Smalley Changes Requested
selinux: do not check open permission on sockets - - - --- 2017-05-12 Stephen Smalley Accepted
selinux: log policy capability state when a policy is loaded - - - --- 2017-05-12 Stephen Smalley Superseded
checkpolicy,libsepol: drop unnecessary usage of s6_addr32 - - - --- 2017-05-10 Stephen Smalley Not Applicable
selinux-testsuite: update mmap tests for map permission - - - --- 2017-05-09 Stephen Smalley Accepted
libselinux: Fix CFLAGS definition - - - --- 2017-05-09 Stephen Smalley Not Applicable
[RFC] selinux: add a map permission check for mmap - - - --- 2017-05-05 Stephen Smalley Not Applicable
[RFC] selinux: add a map permission check for mmap - - - --- 2017-05-05 Stephen Smalley Accepted
[v2] selinux-testsuite: Add CAP_MAC_ADMIN tests - - - --- 2017-04-20 Stephen Smalley Accepted
selinux-testsuite: Add CAP_MAC_ADMIN tests - - - --- 2017-04-20 Stephen Smalley Accepted
selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks - - - --- 2017-04-20 Stephen Smalley Accepted
[v2] libsemanage: Save linked policy, skip re-link when possible - - - --- 2017-04-11 Stephen Smalley Not Applicable
libsemanage: Save linked policy, skip re-link when possible - - - --- 2017-04-11 Stephen Smalley Not Applicable
[2/2] libsemanage: revert "Skip policy module re-link when only setting booleans." - - - --- 2017-04-10 Stephen Smalley Not Applicable
[1/2] libsepol: do not seg fault on sepol_*_key_free(NULL) - - - --- 2017-04-10 Stephen Smalley Not Applicable
Running Java and JVM on SELinux - - - --- 2017-04-04 Stephen Smalley Not Applicable
python/semanage: fix export of fcontext socket entries - - - --- 2017-03-15 Stephen Smalley Not Applicable
fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks 2 1 - --- 2017-03-10 Stephen Smalley Accepted
selinux-testsuite: capable_file: Add dac_override and dac_read_search tests - - - --- 2017-03-02 Stephen Smalley Changes Requested
libsepol: Define cgroup_seclabel policy capability - - - --- 2017-02-28 Stephen Smalley Not Applicable
selinux: wrap cgroup seclabel support with its own policy capability - - - --- 2017-02-28 Stephen Smalley Accepted
selinux: fix kernel BUG on prlimit(..., NULL, NULL) 1 - - --- 2017-02-28 Stephen Smalley Accepted
fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks - - - --- 2017-02-17 Stephen Smalley Superseded
timerfd: only check CAP_WAKE_ALARM when it is needed - - - --- 2017-02-17 Stephen Smalley Accepted
[v2] prlimit,security,selinux: add a security hook for prlimit - - - --- 2017-02-17 Stephen Smalley Accepted
[2/2] selinux-testsuite: fix nnp test for RHEL7 - - - --- 2017-02-16 Stephen Smalley Accepted
[1/2] selinux-testsuite: exclude netlink_socket tests from RHEL7 - - - --- 2017-02-16 Stephen Smalley Accepted
prlimit,security,selinux: add a security hook for prlimit - - - --- 2017-02-16 Stephen Smalley Superseded
selinux-testsuite: Add tests for prlimit(2) permission checks - - - --- 2017-02-13 Stephen Smalley Accepted
[RFC] prlimit,security,selinux: add a security hook for prlimit - - - --- 2017-02-13 Stephen Smalley Accepted
selinux-testsuite: add tests for new netlink socket classes - - - --- 2017-02-06 Stephen Smalley Accepted
selinux-testsuite: fix ptrace test script - - - --- 2017-02-06 Stephen Smalley Accepted
libselinux: do not rely on non-POSIX behavior for write() - - - --- 2017-01-31 Stephen Smalley Not Applicable
selinux: fix off-by-one in setprocattr - - - --- 2017-01-31 Stephen Smalley Accepted
policycoreutils: remove deprecated -o option from fixfiles verify - - - --- 2017-01-27 Stephen Smalley Not Applicable
libselinux: disable filespec hash table stats on non-debug builds - - - --- 2017-01-24 Stephen Smalley Not Applicable
policycoreutils/setfiles: set up a logging callback for libselinux - - - --- 2017-01-24 Stephen Smalley Not Applicable
libselinux: selinux_restorecon: only log no default label warning for caller-supplied pathname - - - --- 2017-01-13 Stephen Smalley Not Applicable
selinux-testsuite: extend sockcreate to support other address families - - - --- 2017-01-13 Stephen Smalley Accepted
libselinux: selinux_restorecon: only log no default label warning if recursive - - - --- 2017-01-13 Stephen Smalley Not Applicable
selinux: drop unused socket security classes - - - --- 2017-01-11 Stephen Smalley Accepted
selinux-testsuite: remove wait test - - - --- 2017-01-10 Stephen Smalley Accepted
security,selinux,smack: kill security_task_wait hook 3 - - --- 2017-01-10 Stephen Smalley Accepted
selinux: clean up cred usage and simplify - - - --- 2016-12-09 Stephen Smalley Changes Requested
selinux-testsuite: Add tests for extended socket classes. - - - --- 2016-12-09 Stephen Smalley Not Applicable
selinux: handle ICMPv6 consistently with ICMP - - - --- 2016-12-08 Stephen Smalley Accepted
[v2] selinux: support distinctions among all network address families - - - --- 2016-12-08 Stephen Smalley Not Applicable
libsepol: Define extended_socket_class policy capability - - - --- 2016-12-08 Stephen Smalley Not Applicable
[v2] selinux: allow context mounts on tmpfs, ramfs, devpts within user namespaces - - - --- 2016-12-08 Stephen Smalley Accepted
[RFC] selinux: allow context mounts on tmpfs, ramfs, devpts within user namespaces - - - --- 2016-12-07 Stephen Smalley Rejected
[v2] selinux: support distinctions among all network address families - - - --- 2016-12-06 Stephen Smalley Accepted
[RFC] selinux: support distinctions among all network address families - - - --- 2016-12-01 Stephen Smalley Superseded
[RFC] selinux: support distinctions among all network address families - - - --- 2016-12-01 Stephen Smalley Superseded
libsepol, libselinux, audit2allow: teach audit2why about type bounds failures - - - --- 2016-11-29 Stephen Smalley Not Applicable
libsepol: sepol_av_to_string: clear static buffer - - - --- 2016-11-29 Stephen Smalley Not Applicable
libselinux: avcstat: Clean up redundant condition - - - --- 2016-11-29 Stephen Smalley Not Applicable
libsepol: do not #include <sys/cdefs.h> - - - --- 2016-11-29 Stephen Smalley Not Applicable
[2/2,v2] libsepol, checkpolicy: convert rangetrans and filenametrans to hashtabs - - - --- 2016-11-28 Stephen Smalley Not Applicable
[1/2,v2] libsepol: do not write object_r types to policy file - - - --- 2016-11-28 Stephen Smalley Not Applicable
[2/2] libsepol, checkpolicy: convert rangetrans and filenametrans to hashtabs - - - --- 2016-11-23 Stephen Smalley Not Applicable
[1/2] libsepol: do not write object_r types to policy file - - - --- 2016-11-23 Stephen Smalley Not Applicable
checkpolicy: treat -self as an error - - - --- 2016-11-18 Stephen Smalley Not Applicable
selinux: keep SELinux in sync with new capability definitions - - - --- 2016-11-18 Stephen Smalley Accepted
libselinux: normalize enforce values from the kernel - - - --- 2016-11-18 Stephen Smalley Not Applicable
selinux: normalize input to /sys/fs/selinux/enforce - - - --- 2016-11-18 Stephen Smalley Accepted
mcstrans: Fix signed/unsigned warnings - - - --- 2016-11-16 Stephen Smalley Not Applicable
libsepol: cil_lexer: make warnings non-fatal for building - - - --- 2016-11-15 Stephen Smalley Not Applicable
libselinux: fix subdir build and usage of cmdline CFLAGS - - - --- 2016-11-14 Stephen Smalley Not Applicable
[v2] libsepol: fix checkpolicy dontaudit compiler bug - - 1 --- 2016-11-14 Stephen Smalley Not Applicable
libsepol: fix checkpolicy dontaudit compiler bug - - - --- 2016-11-14 Stephen Smalley Not Applicable
libsepol: sepol_{bool|iface|user}_key_create: copy name - - - --- 2016-11-08 Stephen Smalley Rejected
libsemanage: fix kernel pathname in semanage_verify_kernel() - - - --- 2016-11-02 Stephen Smalley Not Applicable
libselinux: avc_internal.c: allow building with clang - - - --- 2016-11-01 Stephen Smalley Not Applicable
[2/2] selinux-testsuite: mmap: fix shmat SHM_EXEC test for old policies - - - --- 2016-10-27 Stephen Smalley Not Applicable
[1/2] selinux-testsuite: mmap: fix shmat SHM_EXEC test for old kernels - - - --- 2016-10-27 Stephen Smalley Not Applicable
selinux-testsuite: mmap: add shmat SHM_EXEC test - - - --- 2016-10-27 Stephen Smalley Accepted
libsemanage: genhomedircon: only set MLS level if MLS is enabled - - - --- 2016-10-14 Stephen Smalley Not Applicable
« 1 2 3 4 »