leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5294bac97e
linux/security
History
Thomas Cedeno 5294bac97e LSM: SafeSetID: Add GID security policy handling 
The SafeSetID LSM has functionality for restricting setuid() calls based
on its configured security policies. This patch adds the analogous
functionality for setgid() calls. This is mostly a copy-and-paste change
with some code deduplication, plus slight modifications/name changes to
the policy-rule-related structs (now contain GID rules in addition to
the UID ones) and some type generalization since SafeSetID now needs to
deal with kgid_t and kuid_t types.

Signed-off-by: Thomas Cedeno <thomascedeno@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>
2020-10-13 09:17:35 -07:00
..
apparmor treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
bpf bpf: lsm: Initialize the BPF LSM hooks 2020-03-30 01:34:00 +02:00
integrity treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
keys treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
loadpin block: move block-related definitions out of fs.h 2020-06-24 09:16:02 -06:00
lockdown Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2020-06-02 17:36:24 -07:00
safesetid LSM: SafeSetID: Add GID security policy handling 2020-10-13 09:17:35 -07:00
selinux treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
smack treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
tomoyo treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
yama sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
commoncap.c exec: Compute file based creds only once 2020-05-29 22:00:54 -05:00
device_cgroup.c device_cgroup: Fix RCU list debugging warning 2020-08-20 11:25:03 -07:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig Replace HTTP links with HTTPS ones: security 2020-08-06 12:00:05 -07:00
Kconfig.hardening security: allow using Clang's zero initialization for stack variables 2020-06-16 02:06:23 -07:00
lsm_audit.c audit: purge audit_log_string from the intra-kernel audit API 2020-07-21 11:12:31 -04:00
Makefile device_cgroup: Cleanup cgroup eBPF device filter code 2020-04-13 14:41:54 -04:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c security: Fix hook iteration and default value for inode_copy_up_xattr 2020-06-23 16:39:23 -07:00