SELinux - Date Index
[Prev Page][Next Page]
- Re: [PATCH] libselinux: simplify procattr cache
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH 2/3] libsepol/cil: add ioctl whitelist support
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 1/3] libsepol: fix memory leak when destroying avtab containing extended avrules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 2/3] libsepol/cil: add ioctl whitelist support
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH 3/3] secilc: Add documentation for allowx, auditallowx, dontauditx, and permissionx
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH 1/3] libsepol: fix memory leak when destroying avtab containing extended avrules
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH 0/3] Add CIL extended avrule & ioctl whitelist support
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- RE: Linux Firmware Signing
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: Linux Firmware Signing
- From: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "David Woodhouse" <dwmw2@xxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: Linux Firmware Signing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Linux Firmware Signing
- From: "Luis R. Rodriguez" <mcgrof@xxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Nick Kralevich <nnk@xxxxxxxxxx>
- Re: My notes on the 2015 Linux Security Summit
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: My notes on the 2015 Linux Security Summit
- From: Dominick Grift <dac.override@xxxxxxxxx>
- My notes on the 2015 Linux Security Summit
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: kernel access to device comm is kdevtmpfs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: [PATCH] libsepol: create new keys with copy of 'name' variable
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH] policycoreutils: audit2* - ignore setlocale errors
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: get pywrap depends on selinux.py
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Add policy context validation to sefcontext_compile
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libsepol: create new keys with copy of 'name' variable
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] libsepol: create new keys with copy of 'name' variable
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [PATCH] policycoreutils: audit2* - ignore setlocale errors
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: question about semanage fcontext and awareness of file_contexts.local file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v2 2/7] userns: Simpilify MNT_NODEV handling.
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: auditing kdbus service names
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
- 答复: selinux mls/mcs rang modify
- From: rowan <rowanPang_selinux@xxxxxxxxxxx>
- question about semanage fcontext and awareness of file_contexts.local file
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- [GIT PULL] SELinux patches for 4.3
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: auditing kdbus service names
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- Re: selinux mls/mcs rang modify
- From: Dominick Grift <dac.override@xxxxxxxxx>
- [PATCH] libselinux: get pywrap depends on selinux.py
- From: <wenzong.fan@xxxxxxxxxxxxx>
- selinux mls/mcs rang modify
- From: rowan <rowanPang_selinux@xxxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: auditing kdbus service names
- From: Steve Grubb <sgrubb@xxxxxxxxxx>
- [PATCH] libselinux: Add policy context validation to sefcontext_compile
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: auditing kdbus service names
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: [PATCH v2 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: Incorrect check in pam_rootok
- From: Tomas Mraz <tmraz@xxxxxxxxxx>
- Incorrect check in pam_rootok
- From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
- auditing kdbus service names
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- 答复: How do you relabel all SELinux file contexts of an offline system's file system?
- From: rowan <rowanPang_selinux@xxxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH] libselinux: do not treat an empty file_contexts(.local) as an error
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- [PATCH] libselinux: fail hard on invalid property_contexts entries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: fail hard on invalid file_contexts entries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: support context validation on file_contexts.bin
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH v2 0/3] Add support for extracting modules
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v2 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH v2 2/3] libsemanage: Fix null pointer dereference in semanage_module_key_destroy
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH v2 1/3] libsemanage: Add ability to extract modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH v2 0/3] Add support for extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libselinux: test for file_contexts.bin format
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: convert cmp functions to key functions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: Decode output from Popen in Python3
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: add selabel_cmp interface and label_file backend
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] sepolgen: convert cmp functions to key functions
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH] sepolgen: Decode output from Popen in Python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: How do you relabel all SELinux file contexts of an offline system's file system?
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- How do you relabel all SELinux file contexts of an offline system's file system?
- From: Bond Masuda <bond.masuda@xxxxxxxxxx>
- [PATCH] libselinux: support specifying file_contexts.bin file path
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: support file_contexts.bin without file_contexts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] semanage_migrate_store: add -r <root> option for migrating inside chroots
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libsepol: Replace sscanf in module_to_cil
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Kees Cook <keescook@xxxxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: m4 synclines always 1?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- m4 synclines always 1?
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: secilc bug
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH] policycoreutils: Comment constraint rules in audit2allow and sepolgen output
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Does it matter where .cil modules are build.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] checkpolicy: fix double free on name-based type transitions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Android checkpolicy crash
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Android checkpolicy crash
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3 04/11] lsm: inode_pre_setxattr hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH v3 05/11] smack: extend capability functions and fix 2 checks
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 04/11] lsm: inode_pre_setxattr hook
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Does it matter where .cil modules are build.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Colin Walters <walters@xxxxxxxxxx>
- [PATCH] policycoreutils: Comment constraint rules in audit2allow and sepolgen output
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- [PATCH] semanage_migrate_store: add -r <root> option for migrating inside chroots
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Serge Hallyn <serge.hallyn@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Android checkpolicy crash
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Amir Goldstein <amir@xxxxxxxxxxx>
- Re: [PATCH] policycoreutils/semanage: improve compatibility with Python 3 in seobject.py
- From: Michal Srb <msrb@xxxxxxxxxx>
- Re: [PATCH] policycoreutils/semanage: improve compatibility with Python 3 in seobject.py
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- [PATCH] policycoreutils/semanage: improve compatibility with Python 3 in seobject.py
- From: Michal Srb <msrb@xxxxxxxxxx>
- Improve Python 3 support in policycoreutils/semanage/seobject.py
- From: Michal Srb <msrb@xxxxxxxxxx>
- Re: [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <havner@xxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH v2] libsepol: Replace sscanf in module_to_cil
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 1/3] libsemanage: Add ability to extract modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 3/3] policycoreutils/semodule: update semodule to allow extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 0/3] Add support for extracting modules
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 2/3] libsemanage: Fix null pointer dereference in semanage_module_key_destroy
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- RE: [PATCH 1/2] libselinux: generalize read_spec_entries for any delimiter
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH 1/2] libselinux: generalize read_spec_entries for any delimiter
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 2/2] libsepol: Replace sscanf in module_to_cil
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 1/2] libselinux: generalize read_spec_entries for any delimiter
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- [PATCH 0/2] Generalize tokenizer and remove sscanf calls from libsepol
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 00/11] Smack namespace
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 10/11] smack: namespace implementation
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 11/11] smack: documentation for the Smack namespace
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 07/11] smack: abstraction layer for 2 common Smack operations
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 09/11] smack: namespace groundwork
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 08/11] smack: misc cleanups in preparation for a namespace patch
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 05/11] smack: extend capability functions and fix 2 checks
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- [PATCH v3 04/11] lsm: inode_pre_setxattr hook
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: Trouble building a .cil policy from scratch.
- From: Dan <dtdevore64@xxxxxxxxx>
- [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: Trouble building a .cil policy from scratch.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Trouble building a .cil policy from scratch.
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Austin S Hemmelgarn <ahferroin7@xxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libsepol/cil: Improve resolution error messages
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
- Re: [PATCH 3/4] policycoreutils/semanage: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH] policycoreutils: semanage: fix moduleRecords deleteall method
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libsemanage: Add file_contexts and seusers to the store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 3/4] policycoreutils/semanage: improve compatibility with Python 3
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libsemanage: Add file_contexts and seusers to the store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Improve Python 3 support in policycoreutils
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [GIT PULL] policycoreutils: fix PEP8 issues
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libsemanage: Add file_contexts and seusers to the store
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: bfields@xxxxxxxxxxxx (J. Bruce Fields)
- [PATCH 4/4] policycoreutils/scripts: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH 3/4] policycoreutils/semanage: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH 2/4] policycoreutils/sandbox: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- [PATCH 1/4] policycoreutils/audit2allow: improve compatibility with Python 3
- From: Michal Srb <msrb@xxxxxxxxxx>
- Improve Python 3 support in policycoreutils
- From: Michal Srb <msrb@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Colin Walters <walters@xxxxxxxxxx>
- [PATCH] libselinux: simplify procattr cache
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Michal Srb <msrb@xxxxxxxxxx>
- [GIT PULL] policycoreutils: fix PEP8 issues
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- RE: Restricting samba to only talk to one network interface?
- From: Colin Powers <Colin.Powers@xxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Restricting samba to only talk to one network interface?
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 4/7] fs: Treat foreign mounts as nosuid
- From: Nikolay Borisov <n.borisov@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Dave Chinner <david@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Restricting samba to only talk to one network interface?
- From: Colin Powers <Colin.Powers@xxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison.
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] Set self.sename to sename after calling semanage_seuser_set_sename()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH] libsepol: fix policydb_read for policy versions < 24
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Trouble building secilc compiler
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Lukasz Pawelczyk <l.pawelczyk@xxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Trouble building secilc compiler
- From: Dan <dtdevore64@xxxxxxxxx>
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Andy Lutomirski <luto@xxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: [PATCH 7/7] smack: Don't use security labels for user namespace mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH 7/7] smack: Don't use security labels for user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 6/7] selinux: Ignore security labels on user namespace mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 4/7] fs: Treat foreign mounts as nosuid
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 5/7] security: Restrict security attribute updates for userns mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 2/7] userns: Simpilify MNT_NODEV handling.
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 1/7] fs: Add user namesapace member to struct super_block
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- [PATCH 0/7] Initial support for user namespace owned mounts
- From: Seth Forshee <seth.forshee@xxxxxxxxxxxxx>
- Re: Python3 Support for Sepolgen module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 11/11] sepolgen: Edit tests so they pass even on Python3 where hash is random.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 09/11] sepolgen: Apply fixes discovered by 2to3 where needed.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 10/11] sepolgen: Close files after reading/writing in tests.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 08/11] sepolgen: Replace usage of xrange inside of tests.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 07/11] sepolgen: Replace usage of attributes of types module
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 05/11] sepolgen: Unicode-objects must be encoded before hashing.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 04/11] sepolgen: Use sort function with key parameter.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 02/11] sepolgen: Use relative imports for modules within sepolgen.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 03/11] sepolgen: Replace func_code calls with __code__.
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [PATCH 01/11] sepolgen: Replace deprecated *Equals functions in tests
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- [no subject]
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- [PATCH v2] Currently, jobs run by at are run in the crond_t domain and not transitioned outside of it.
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: ebiederm@xxxxxxxxxxxx (Eric W. Biederman)
- Re: [PATCH 0/7] Initial support for user namespace owned mounts
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Jason Zaman <jason@xxxxxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: executing off of a fusefs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- [PATCH] Set self.sename to sename after calling semanage_seuser_set_sename()
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- [PATCH] selinux-testsuite: ipsec-load: Derive state context from current context.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: enable running new tests on RHEL6/7
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: Clean up prerequisites/dependencies.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Eric Paris <eparis@xxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: move unix_socket and mmmap tests out of SUBDIRS_COMMON
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: semanage: TypeError: cannot concatenate 'str' and 'NoneType' objects
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: semanage: TypeError: cannot concatenate 'str' and 'NoneType' objects
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: [PATCH] sepolgen: add support for python3
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] sepolgen: add support for python3
- From: Robert Kuska <rkuska@xxxxxxxxxx>
- Re: [PATCH v2] libselinux: use /proc/thread-self when available
- From: Eric Paris <eparis@xxxxxxxxxx>
- [PATCH v2] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: use /proc/thread-self when available
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- Re: [PATCH] Explicitly declare the role "base_r"
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- SELinux tree updates
- From: Paul Moore <pmoore@xxxxxxxxxx>
- [PATCH] selinux-testsuite: update for mprotect PROT_EXEC regression fix
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [GIT PULL] SELinux fixes for 4.2 (#2)
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Add const to selinux_opt for label backends.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: executing off of a fusefs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: Add const to selinux_opt for label backends.
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- RE: executing off of a fusefs
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: executing off of a fusefs
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: executing off of a fusefs
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- [GIT PULL] SELinux fixes for 4.2
- From: Paul Moore <pmoore@xxxxxxxxxx>
- executing off of a fusefs
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: [PATCH] Add SELinux support to run jobs in the proper domain
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Hugh Dickins <hughd@xxxxxxxxxx>
- Re: [PATCH] Fix typo in semanage args for minimum policy store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] Add SELinux support to run jobs in the proper domain
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- Re: [PATCH] Fix typo in semanage args for minimum policy store
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH] Fix typo in semanage args for minimum policy store
- From: Dominick Grift <dac.override@xxxxxxxxx>
- [PATCH] Fix typo in semanage args for minimum policy store
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Morten Stevens <mstevens@xxxxxxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: William Roberts <bill.c.roberts@xxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: Linux 4.2-rc1
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: unix_socket: Add tests for file namespace.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS
- From: Stephen Smalley <stephen.smalley@xxxxxxxxx>
- Re: [PATCH] Explicitly declare the role "base_r"
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] Explicitly declare the role "base_r"
- From: Laurent Bigonville <bigon@xxxxxxxxxx>
- [PATCH] selinux-testsuite: Add tests for mmap/mprotect
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH v2] libsemanage: Add policy binary and file_contexts.local to the store
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix file labels for regexes with metachars
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] libselinux: Fix binary file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH v2] libsemanage: Add policy binary and file_contexts.local to the store
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libsemanage: Add policy binary and file_contexts.local to the store
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH v2] libselinux: Fix file labels for regexes with metachars
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] libsemanage: Add policy binary and file_contexts.local to the store
- From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
- Re: [PATCH] libselinux: Fix file labels for regexes with metachars
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] libselinux: Fix file labels for regexes with metachars
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] selinux: don't waste ebitmap space when importing NetLabel categories
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: type inheritance in CIL
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: type inheritance in CIL
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: type inheritance in CIL
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: type inheritance in CIL
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: type inheritance in CIL
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: type inheritance in CIL
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: type inheritance in CIL
- From: Dominick Grift <dac.override@xxxxxxxxx>
- type inheritance in CIL
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH V2] libselinux: Fix if file_contexts not '\n' terminated
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH V2] libselinux: Fix if file_contexts not '\n' terminated
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: Add a ToDo list.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: add secmark tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Fix if file_contexts not '\n' terminated
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: Fix if file_contexts not '\n' terminated
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: add labeled ipsec tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: Add tests for name_bind/node_bind/name_connect.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] Allow to use compressed modules without a compression extension
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH] Allow to use compressed modules without a compression extension
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- [PATCH v3] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: Add tests for name_bind/node_bind/name_connect.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH v2] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: fix unix/inet socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH] libselinux: Correctly handle an empty file_contexts file.
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Strange behavior: type boundaries
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH 00/10 v3] Improve libsepol and CIL neverallow and bounds checking
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH] libselinux: Correctly handle an empty file_contexts file.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: libselinux equivalent of restorecon -F
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 10/10 v3] secilc: Add a CIL policy file to test bounds checking.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 09/10 v3] secilc: Add a CIL policy file to test neverallow checking.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 08/10 v3] libsepol/cil: Add CIL bounds checking and reporting.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 07/10 v3] libsepol/cil: Track number of classes and number of types and attributes.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 06/10 v3] libsepol/cil: Refactored CIL neverallow checking and reporting.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 05/10 v3] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- libselinux equivalent of restorecon -F
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: NFS
- From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
- Re: NFS
- From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxx>
- Re: [PATCH 04/10 v3] libsepol: Refactored bounds (hierarchy) checking code
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: NFS
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 03/10 v3] libsepol: Refactored neverallow checking.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- NFS
- From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxx>
- Re: [PATCH 02/10 v3] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 01/10 v3] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 10/10 v3] secilc: Add a CIL policy file to test bounds checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 08/10 v3] libsepol/cil: Add CIL bounds checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 09/10 v3] secilc: Add a CIL policy file to test neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 06/10 v3] libsepol/cil: Refactored CIL neverallow checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 04/10 v3] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 05/10 v3] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 07/10 v3] libsepol/cil: Track number of classes and number of types and attributes.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 03/10 v3] libsepol: Refactored neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 02/10 v3] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 01/10 v3] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 00/10 v3] Improve libsepol and CIL neverallow and bounds checking
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: Augment BUG_ON assertion for secclass_map.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux: initialize sock security class to default value
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH v3] selinux: reduce locking overhead in inode_free_security()
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] SELinux: Create a common helper to determine an inode label [ver #3]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/8] SELinux: Stub in copy-up handling
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH] SELinux: Create a common helper to determine an inode label [ver #2]
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 6/8] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 6/8] SELinux: Handle opening of a unioned file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/8] SELinux: Stub in copy-up handling
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 01/10 v2] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- [PATCH 06/10 v2] libsepol/cil: Refactored CIL neverallow checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 09/10 v2] secilc: Add a CIL policy file to test neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 08/10 v2] libsepol/cil: Add CIL bounds checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 07/10 v2] libsepol/cil: Track number of classes and number of types and attributes.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 03/10 v2] libsepol: Refactored neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 05/10 v2] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 10/10 v2] secilc: Add a CIL policy file to test bounds checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 00/10 v2] Improve libsepol and CIL neverallow and bounds checking
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 01/10 v2] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [RFC][PATCH] net/tipc: initialize security state for new connection socket
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- [RFC][PATCH] net/tipc: initialize security state for new connection socket
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] selinux-testsuite: add inet_socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- [PATCH v2] selinux-testsuite: add inet_socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux-testsuite: add inet_socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH V3] libselinux: Enhance file context support
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH V3] libselinux: Enhance file context support
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH V2] libselinux: Enhance file context support
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH v3] selinux: reduce locking overhead in inode_free_security()
- From: Yury <yury.norov@xxxxxxxxx>
- [PATCH V2] libselinux: Enhance file context support
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH V2] libselinux: Fix property processing and cleanup formatting
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH V2] libselinux: Fix property processing and cleanup formatting
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Waiman Long <waiman.long@xxxxxx>
- Re: Kernel error: SELinux: Invalid class 0
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: Kernel error: SELinux: Invalid class 0
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v3] selinux: reduce locking overhead in inode_free_security()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH v3] selinux: reduce locking overhead in inode_free_security()
- From: Waiman Long <Waiman.Long@xxxxxx>
- [PATCH] selinux: Augment BUG_ON assertion for secclass_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH V2] libselinux: Enhance file context support
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux: initialize sock security class to default value
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- Re: [PATCH] libselinux: Fix property processing and cleanup formatting
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Enhance file context support
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Enhance file context support
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] libselinux: Enhance file context support
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 05/10] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] policy_define.c: fix compiler warnings
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] Remove uses of -Wno-return-type.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] checkpolicy: switch operations to extended perms
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [RFC][PATCH] selinux: Remove unused permission definitions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] libselinux: Fix property processing and cleanup formatting
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- [PATCH] libselinux: Enhance file context support
- From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Raghavendra K T <raghavendra.kt@xxxxxxxxxxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Eric Paris <eparis@xxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Yury <yury.norov@xxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Waiman Long <waiman.long@xxxxxx>
- Re: [PATCH] policy_define.c: fix compiler warnings
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [RFC][PATCH] selinux: Remove unused permission definitions
- From: Dominick Grift <dac.override@xxxxxxxxx>
- Re: [RFC][PATCH] selinux: Remove unused permission definitions
- From: Dominick Grift <dac.override@xxxxxxxxx>
- [PATCH] policy_define.c: fix compiler warnings
- From: Nick Kralevich <nnk@xxxxxxxxxx>
- R: R: SELinux: Interface Labeling Problem
- From: "Gmail" <pag.maurizio@xxxxxxxxx>
- Re: [PATCH 2/2 v6] selinux: extended permissions for ioctls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 2/2 v6] selinux: extended permissions for ioctls
- From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH 2/2 v6] selinux: extended permissions for ioctls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] Remove uses of -Wno-return-type.
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: update socket tests
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH 05/10] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- [PATCH] Remove uses of -Wno-return-type.
- From: Dan Albert <danalbert@xxxxxxxxxx>
- Kernel error: SELinux: Invalid class 0
- From: Tim Shearer <tim.shearer@xxxxxxxxxxxxxxxxxxxx>
- Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
- From: Nick Kralevich <nnk@xxxxxxxxxx>
- Re: [PATCH 2/2 v6] selinux: extended permissions for ioctls
- From: Nick Kralevich <nnk@xxxxxxxxxx>
- [PATCH 2/2 v6] selinux: extended permissions for ioctls
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- [PATCH] checkpolicy: switch operations to extended perms
- From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
- Re: [PATCH] selinux-testsuite: update socket tests
- From: "Serge E. Hallyn" <serge@xxxxxxxxxx>
- Re: New module store + /var being split off
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Re: New module store + /var being split off
- From: Steve Lawrence <slawrence@xxxxxxxxxx>
- Re: [PATCH 5/7] SELinux: Handle opening of a unioned file
- From: David Howells <dhowells@xxxxxxxxxx>
- New module store + /var being split off
- From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Eric Paris <eparis@xxxxxxxxxx>
- Re: [PATCH 03/10] libsepol: Refactored neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 02/10] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH] Only invoke RPM on RPM-enabled Linux distributions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] Only invoke RPM on RPM-enabled Linux distributions
- From: Petr Lautrbach <plautrba@xxxxxxxxxx>
- Re: [PATCH 03/10] libsepol: Refactored neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 03/10] libsepol: Refactored neverallow checking.
- From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
- Re: [PATCH] Fix -Wreturn-type issues.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] Only invoke RPM on RPM-enabled Linux distributions
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] selinux: reduce locking overhead in inode_free_security()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH 02/10] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: SELinux: Interface Labeling Problem
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Re: [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Raghavendra K T <raghavendra.kt@xxxxxxxxxxxxxxxxxx>
- [PATCH] Fix -Wreturn-type issues.
- From: Dan Albert <danalbert@xxxxxxxxxx>
- [PATCH v2] selinux: reduce locking overhead in inode_free_security()
- From: Waiman Long <Waiman.Long@xxxxxx>
- Re: [PATCH] selinux: reduce locking overhead in inode_free_security()
- From: Waiman Long <waiman.long@xxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [PATCH] Only invoke RPM on RPM-enabled Linux distributions
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Re: [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Why does semanage_migrate_store migrate file_contexts.local?
- From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
- Re: [PATCH 03/10] libsepol: Refactored neverallow checking.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 08/10] libsepol/cil: Add CIL bounds checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 00/10] Improve libsepol and CIL neverallow and bounds checking
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 09/10] secilc: Add a CIL policy file to test neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 06/10] libsepol/cil: Refactored CIL neverallow checking and reporting.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 03/10] libsepol: Refactored neverallow checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 04/10] libsepol: Refactored bounds (hierarchy) checking code
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 02/10] libsepol: Treat types like an attribute in the attr_type_map.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 05/10] libsepol/cil: Add function to search the CIL AST for an AV rule.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- Re: [PATCH 02/10] libsepol: Treat types like an attribute in the attr_type_map.
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH 07/10] libsepol/cil: Track number of classes and number of types and attributes.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 01/10] libsepol: Add new ebitmap function named ebitmap_match_any()
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- [PATCH 10/10] secilc: Add a CIL policy file to test bounds checking.
- From: James Carter <jwcart2@xxxxxxxxxxxxx>
- RE: [PATCH] kernfs: hook inode initialization for LSMs
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- Re: SELinux: Interface Labeling Problem
- From: Maurizio Pagani <pag.maurizio@xxxxxxxxx>
- Re: [PATCH 2/2 v5] selinux: extended permissions for ioctls
- From: Paul Moore <pmoore@xxxxxxxxxx>
- Re: [PATCH] selinux: reduce locking overhead in inode_free_security()
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- [PATCH] selinux: reduce locking overhead in inode_free_security()
- From: Waiman Long <Waiman.Long@xxxxxx>
- Re: [PATCH] kernfs: hook inode initialization for LSMs
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- RE: [PATCH] kernfs: hook inode initialization for LSMs
- From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
- [PATCH] selinux-testsuite: update socket tests
- From: Stephen Smalley <sds@xxxxxxxxxxxxx>
- Re: [PATCH] kernfs: hook inode initialization for LSMs
- From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
- Re: [PATCH] sepolicy-generate: Handle more reserved port types
- From: Masatake YAMATO <yamato@xxxxxxxxxx>
- [PATCH] kernfs: hook inode initialization for LSMs
- From: william.c.roberts@xxxxxxxxx
- [PATCH] Initialize kernfs nodes with LSMs
- From: william.c.roberts@xxxxxxxxx
- Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
- Re: [RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets
- From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
- Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
- From: Nick Kralevich <nnk@xxxxxxxxxx>
- Re: [RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets
- From: Paul Moore <paul@xxxxxxxxxxxxxx>
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Linux Kernel Development]