SELinux - Date Index

• Thread Index

• Re: [PATCH 2/2 v5] selinux: extended permissions for ioctls
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [PATCH] selinux: reduce locking overhead in inode_free_security()
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] selinux: reduce locking overhead in inode_free_security()
  • From: Waiman Long <Waiman.Long@xxxxxx>
• Re: [PATCH] kernfs: hook inode initialization for LSMs
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• RE: [PATCH] kernfs: hook inode initialization for LSMs
  • From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
• [PATCH] selinux-testsuite: update socket tests
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] kernfs: hook inode initialization for LSMs
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH] sepolicy-generate: Handle more reserved port types
  • From: Masatake YAMATO <yamato@xxxxxxxxxx>
• [PATCH] kernfs: hook inode initialization for LSMs
  • From: william.c.roberts@xxxxxxxxx
• [PATCH] Initialize kernfs nodes with LSMs
  • From: william.c.roberts@xxxxxxxxx
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] selinux: do not remap unknown SIDs to the unlabeled context
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Only invoke RPM on RPM-enabled Linux distributions
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] Only invoke RPM on RPM-enabled Linux distributions
  • From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.2
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH] selinux: fix setting of security labels on NFS
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] selinux: fix setting of security labels on NFS
  • From: "J. Bruce Fields" <bfields@xxxxxxxxxxxx>
• Re: refpolicywarn usage
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: refpolicywarn usage
  • From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
• refpolicywarn usage
  • From: Ted Toth <txtoth@xxxxxxxxx>
• SELinux tree updates
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.2
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [PATCH] selinux: fix setting of security labels on NFS
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• RE: Seeing new denial on AOSP 5.1.1 w.r.t shell request read access on lnk_file .
  • From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
• Re: [PATCH] sepolicy-generate: Handle more reserved port types
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH v3 6/6] selinux-testsuite: fix compile problems in tests/capable_file
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [PATCH v3 6/6] selinux-testsuite: fix compile problems in tests/capable_file
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinux: fix setting of security labels on NFS
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Seeing new denial on AOSP 5.1.1 w.r.t shell request read access on lnk_file .
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] sepolicy-generate: Handle more reserved port types
  • From: Masatake YAMATO <yamato@xxxxxxxxxx>
• Seeing new denial on AOSP 5.1.1 w.r.t shell request read access on lnk_file .
  • From: Ravi Kumar <nxp.ravi@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.2
  • From: James Morris <jmorris@xxxxxxxxx>
• [PATCH v3 6/6] selinux-testsuite: fix compile problems in tests/capable_file
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3 5/6] selinux-testsuite: fix compile problems in tests/shm
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3 4/6] selinux-testsuite: fix compile warnings in tests/setnice
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3 3/6] selinux-testsuite: fix some compile warnings in tests/nnp
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3 2/6] selinux-testsuite: add some default CFLAGS
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3 1/6] selinux-testsuite: add _GNU_SOURCE to tests/Makefile
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3 0/6] SELinux testsuite compilation fixes
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [PATCH 1/6] selinux-testsuite: add _GNU_SOURCE to tests/Makefile
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [GIT PULL] SELinux patches for 4.2
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH] selinux: fix setting of security labels on NFS
  • From: bfields@xxxxxxxxxxxx (J. Bruce Fields)
• Re: [PATCH 1/6] selinux-testsuite: add _GNU_SOURCE to tests/Makefile
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] selinux-testsuite: adopt a more consistent style
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 4/6] selinux-testsuite: fix compile warnings in tests/setnice
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 6/6] selinux-testsuite: fix compile problems in tests/capable_file
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 5/6] selinux-testsuite: fix compile problems in tests/shm
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v2 0/6] SELinux testsuite compilation fixes
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 3/6] selinux-testsuite: fix some compile warnings in tests/nnp
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 2/6] selinux-testsuite: add some default CFLAGS
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 1/6] selinux-testsuite: add _GNU_SOURCE to tests/Makefile
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [PATCH 3/3] selinux-testsuite: fix compile warnings in tests/execshare
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 3/3] selinux-testsuite: fix compile warnings in tests/execshare
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH 3/3] selinux-testsuite: fix compile warnings in tests/execshare
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 2/3] selinux-testsuite: fix compile warnings in tests/setnice
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 1/3] selinux-testsuite: fix some compile warnings in tests/nnp
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH 0/3] SELinux testsuite compilation fixes
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: [PATCH 2/2 v5] selinux: extended permissions for ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH 2/2 v5] selinux: extended permissions for ioctls
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH 0/2 v2] selinux: extended permissions for ioctl commands
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [RFC][PATCH] selinux: Remove unused permission definitions
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [RFC PATCH] libselinux: Add read_spec_entries function to replace sscanf
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [RFC][PATCH] selinux: Remove unused permission definitions
  • From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
• [RFC PATCH] libselinux: Add read_spec_entries function to replace sscanf
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: [RFC][PATCH] selinux: Remove unused permission definitions
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [RFC][PATCH] selinux: Remove unused permission definitions
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [RFC][PATCH] selinux: Remove unused permission definitions
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH v2] selinux: enable genfscon labeling for sysfs and pstore files
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: postgresql policy
  • From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
• Re: ANN: SETools 4.0.0-alpha2
  • From: "Christopher J. PeBenito" <cpebenito@xxxxxxxxxx>
• Re: [PATCH 2/2] libsepol: with pp to CIL, always write auditadm_r and secadm_r roles to the base module
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] libsepol: with pp to CIL, only associate declared roleattributes with in-scope types
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] libsepol: with pp to CIL, only associate declared roleattributes with in-scope types
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: ANN: SETools 4.0.0-alpha2
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] libsepol: with pp to CIL, only associate declared roleattributes with in-scope types
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: postgresql policy
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Frost <sfrost@xxxxxxxxxxx>
• Re: postgresql policy
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: postgresql policy
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Frost <sfrost@xxxxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Frost <sfrost@xxxxxxxxxxx>
• Re: postgresql policy
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: postgresql policy
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Frost <sfrost@xxxxxxxxxxx>
• Re: [PATCH 1/2] libsepol: with pp to CIL, only associate declared roleattributes with in-scope types
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: postgresql policy
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: getpidcon() behaviour when other LSM is enabled
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• getpidcon() behaviour when other LSM is enabled
  • From: Laurent Bigonville <bigon@xxxxxxxxxx>
• postgresql policy
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: [PATCH] libsepol/cil: Do not allow categories/sensitivities inside blocks
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH V2] libselinux: Support consistent mode size for bin files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH V2] libselinux: Support consistent mode size for bin files
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• [PATCH] libselinux: Expunge remaining references to flask.h and av_permissions.h.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: Support consistent mode size for bin files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [RFC][PATCH] selinux: Remove unused permission definitions
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: Support consistent mode size for bin files
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• RE: [PATCH] [RFC] kernfs: hook inode initialization for LSMs
  • From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
• RE: [RFC] [PATCH] kernfs: hook inode initialization for LSMs
  • From: "Roberts, William C" <william.c.roberts@xxxxxxxxx>
• Re: [PATCH V4] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] [RFC] kernfs: hook inode initialization for LSMs
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [RFC] [PATCH] kernfs: hook inode initialization for LSMs
  • From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
• Re: [PATCH 2/2] libsepol: with pp to CIL, always write auditadm_r and secadm_r roles to the base module
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• [PATCH V4] Fix more bin file processing core dumps
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• [PATCH] libsepol/cil: Do not allow categories/sensitivities inside blocks
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• [PATCH] [RFC] kernfs: hook inode initialization for LSMs
  • From: william.c.roberts@xxxxxxxxx
• [RFC] [PATCH] kernfs: hook inode initialization for LSMs
  • From: william.c.roberts@xxxxxxxxx
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH 2/2] libsepol: with pp to CIL, always write auditadm_r and secadm_r roles to the base module
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH 1/2] libsepol: with pp to CIL, only associate declared roleattributes with in-scope types
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: string_to_av_perm behavior
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• string_to_av_perm behavior
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: CIL: migrate_store issues with MLS policy
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH v2] selinux: enable genfscon labeling for sysfs and pstore files
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH v2] selinux: enable genfscon labeling for sysfs and pstore files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• [PATCH] libselinux: add selinux_openssh_contexts_path()
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: CIL: migrate_store issues with MLS policy
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• Re: CIL: migrate_store issues with MLS policy
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH] selinux: update netlink socket classes
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• CIL: migrate_store issues with MLS policy
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Steve Grubb <sgrubb@xxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH] libselinux: setrans_client: minimize overhead when mcstransd is not present.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Steve Grubb <sgrubb@xxxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] selinux: enable genfscon-based labeling for sysfs files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• [PATCH] selinux: update netlink socket classes
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• FYI: Is SELinux good anti-venom?
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• [PATCH] selinux: enable per-file labeling for debugfs files.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: exec'ing new process with different type and MLS level
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: exec'ing new process with different type and MLS level
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• exec'ing new process with different type and MLS level
  • From: Ted Toth <txtoth@xxxxxxxxx>
• Re: [PATCH V3] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH V3] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH V3] Fix more bin file processing core dumps
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: [PATCH] libselinux: Ensure selabel_lookup_best_match links NULL terminated
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH V2] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: Ensure selabel_lookup_best_match links NULL terminated
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• [PATCH V2] Fix more bin file processing core dumps
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: [PATCH] mcstransd: fix reload issue
  • From: wenzong fan <wenzong.fan@xxxxxxxxxxxxx>
• Re: [PATCH] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Fix more bin file processing core dumps
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• [PATCH] mcstransd: don't reinvent getpeercon, badly.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] mcstransd: fix reload issue
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Fix more bin file processing core dumps
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] Fix more bin file processing core dumps
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: How to start SELinux on embedded device
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: How to start SELinux on embedded device
  • From: rajkumar <rajkumarmadhani@xxxxxxxxx>
• Re: How to start SELinux on embedded device
  • From: Emre Can Kucukoglu <eckucukoglu@xxxxxxxxx>
• How to start SELinux on embedded device
  • From: rajkumar <rajkumarmadhani@xxxxxxxxx>
• [PATCH] mcstransd: fix reload issue
  • From: <wenzong.fan@xxxxxxxxxxxxx>
• Re: SELinux talk
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: SELinux talk
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: SELinux talk
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: SELinux talk
  • From: "Patrick K., ITF" <cto@xxxxxxxxxxxxxxxxxx>
• Re: SELinux talk
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• SELinux talk
  • From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: is_selinux_enabled: Add /etc/selinux/config test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• [PATCH] libselinux: matchpathcon/selabel_file: Fix man pages.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH v4] Replace fmemopen() with internal function in libsepol.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH v4] Replace fmemopen() with internal function in libsepol.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH v4] Replace fmemopen() with internal function in libsepol.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH v4] Replace fmemopen() with internal function in libsepol.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• RFC: https://bugzilla.redhat.com/show_bug.cgi?id=1219718
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• [PATCH v3] Replace fmemopen() with internal function in libsepol.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH v2] Replace fmemopen() with internal function in libsepol.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] Replace fmemopen() with internal function in libsepol.
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 0/3 v5] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: Fix core dumps with corrupt *.bin files
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: [PATCH] libselinux: Fix core dumps with corrupt *.bin files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: Fix core dumps with corrupt *.bin files
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: [PATCH 0/3 v5] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH] libselinux: Add selabel partial and best match APIs
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: Add selabel partial and best match APIs
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: [PATCH v2] libsepol/cil: Verify users prior to evaluating users
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH v2] libsepol/cil: Verify users prior to evaluating users
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• RE: [PATCH] libsepol/cil: Verify users prior to evaluating users
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• Re: [PATCH] libsepol/cil: Verify users prior to evaluating users
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH] libsepol/cil: Verify users prior to evaluating users
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: william.c.roberts@xxxxxxxxxxxxxxx
• Re: Give out all the avc logs in ome time
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Gaurav Gangwar <gauravgangwaar@xxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: Ravi Kumar <nxp.ravi@xxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• RE: Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: Give out all the avc logs in ome time
  • From: William Roberts <bill.c.roberts@xxxxxxxxx>
• Give out all the avc logs in ome time
  • From: Zhi Xin <xinzhi@xxxxxxxxxxx>
• Re: [PATCH 1/1] signals: don't abuse __flush_signals() in selinux_bprm_committed_creds()
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH] selinux: Print 'sclass' as string when unrecognized netlink message occurs
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: secilc bug
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: secilc bug
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: secilc bug
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: secilc bug
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: secilc bug
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: secilc bug
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• secilc bug
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• [PATCH 2/2 v4] SELinux: per-command whitelisting of ioctls
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: SELinux policy for Xen with CloudStack
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• SELinux policy for Xen with CloudStack
  • From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Florian Weimer <fweimer@xxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• Re: [RFC PATCH] selinux: Merge Android libselinux changes with upstream
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [RFC PATCH] selinux: Merge Android libselinux changes with upstream
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: [PATCH] dispol: display operations as ranges
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Don't assume SELinux code is already installed on host
  • From: Sven Vermeulen <sven.vermeulen@xxxxxxxxx>
• [PATCH] dispol: display operations as ranges
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH] Don't assume SELinux code is already installed on host
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [PATCH] Don't assume SELinux code is already installed on host
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] Don't assume SELinux code is already installed on host
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: bug#20437: ls links too many dynamic libraries
  • From: Paul Eggert <eggert@xxxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [RFC PATCH] selinux: Merge Android libselinux changes with upstream
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [RFC PATCH] selinux: Merge Android libselinux changes with upstream
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: bug#20437: ls links too many dynamic libraries
  • From: Pádraig Brady <P@xxxxxxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [RFC PATCH] selinux: Merge Android libselinux changes with upstream
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Florian Weimer <fweimer@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• RE: Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• [PATCH] libsepol: Binary modules do not support ioctl rules.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Casey Schaufler <casey@xxxxxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• RE: Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Gaurav Gangwar <gauravgangwaar@xxxxxxxxx>
• RE: Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: Switching to enforcing mode introduces new policy issues?
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Switching to enforcing mode introduces new policy issues?
  • From: "Spector, Aaron" <Aaron_Spector@xxxxxxxxxx>
• Re: Yet another strange behavior.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Yet another strange behavior.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: Yet another strange behavior.
  • From: "Minear, Spencer" <Spencer_Minear@xxxxxxxxxx>
• [PATCH] dispol: Extend to display operations.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libsemanage: do not copy contexts in semanage_migrate_store
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH] Add support for ioctl command whitelisting
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Yet another strange behavior.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Yet another strange behavior.
  • From: "Minear, Spencer" <Spencer_Minear@xxxxxxxxxx>
• [PATCH] Add support for ioctl command whitelisting
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH] libsemanage: do not copy contexts in semanage_migrate_store
  • From: Jason Zaman <jason@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v3] SELinux: per-command whitelisting of ioctls
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH] libsemanage: do not copy contexts in semanage_migrate_store
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH] libsemanage: do not copy contexts in semanage_migrate_store
  • From: Jason Zaman <jason@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v3] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 2/2 v3] SELinux: per-command whitelisting of ioctls
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• [PATCH 2/2 v3] SELinux: per-command whitelisting of ioctls
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH] libselinux: selinux.py - use os.walk() instead of os.path.walk()
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH] libselinux: selinux.py - use os.walk() instead of os.path.walk()
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] libselinux: selinux.py - use os.walk() instead of os.path.walk()
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH] libselinux: selinux.py - use os.walk() instead of os.path.walk()
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Florian Weimer <fweimer@xxxxxxxxxx>
• Re: HTCondor process visibility
  • From: Steve Huston <huston@xxxxxxxxxxxxxxxxxxx>
• Re: HTCondor process visibility
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• HTCondor process visibility
  • From: Steve Huston <huston@xxxxxxxxxxxxxxxxxxx>
• [PATCH] libselinux: is_selinux_enabled(): drop no-policy-loaded test.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: selinux and thread local storage
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: selinux and thread local storage
  • From: mm19827 <mm19827@xxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: [PATCH] policycoreutils: setfiles/restorecon: fix -r/-R option
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] policycoreutils: setfiles/restorecon: fix -r/-R option
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] Add empty top level Android.mk / CleanSpec.mk files
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [PATCH] org.selinux.policy: Require auth_admin_keep for all actions.
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• [PATCH] org.selinux.policy: Require auth_admin_keep for all actions.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Florian Weimer <fweimer@xxxxxxxxxx>
• [PATCH] libselinux: Remove deprecated mudflap option.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Impersonating a process for file creation purposes
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Add empty top level Android.mk / CleanSpec.mk files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH v2] libselinux: Mount procfs before checking /proc/filesystems
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Impersonating a process for file creation purposes
  • From: Florian Weimer <fweimer@xxxxxxxxxx>
• Re: [PATCH] Add empty top level Android.mk / CleanSpec.mk files
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH] Add empty top level Android.mk / CleanSpec.mk files
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• [PATCH v2] libselinux: Mount procfs before checking /proc/filesystems
  • From: Ben Shelton <ben.shelton@xxxxxx>
• Re: [PATCH] libselinux: Mount procfs before checking /proc/filesystems
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: Mount procfs before checking /proc/filesystems
  • From: Ben Shelton <ben.shelton@xxxxxx>
• Re: [PATCH] libsepol: Don't use symbol versioning for static object files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: selinux and thread local storage
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: 答复: got some problems with the selinux policy
  • From: Stephen Smalley <stephen.smalley@xxxxxxxxx>
• [PATCH] libsepol: Don't use symbol versioning for static object files
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• 答复: got some problems with the selinux policy
  • From: kuangjiou <kuangjiou@xxxxxxxxxx>
• 答复: got some problems with the selinux policy
  • From: kuangjiou <kuangjiou@xxxxxxxxxx>
• Re: selinux and thread local storage
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• selinux and thread local storage
  • From: mm19827 <mm19827@xxxxxxxxx>
• Re: got some problems with the selinux policy
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• got some problems with the selinux policy
  • From: kuangjiou <kuangjiou@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [PATCH v2 2/2] SELinux: per-command whitelisting of ioctls
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [PATCH v2 2/2] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH v2 2/2] SELinux: per-command whitelisting of ioctls
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: [PATCH v2 2/2] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH v2 2/2] SELinux: per-command whitelisting of ioctls
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [PATCH 2/2] SELinux: per-command whitelisting of ioctls
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH 2/2] SELinux: per-command whitelisting of ioctls
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH 1/2] security: lsm_audit: add ioctl specific auditing
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH 0/2] selinux: add targeted whitelisting of ioctl commands.
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: CONFIG_SECURITY_SELINUX_DEVELOP flag is still enabled in most of the AOSP based releases , Can we remove this in production builds . .
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: CONFIG_SECURITY_SELINUX_DEVELOP flag is still enabled in most of the AOSP based releases , Can we remove this in production builds . .
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinux: Print 'sclass' as string when unrecognized netlink message occurs
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• CONFIG_SECURITY_SELINUX_DEVELOP flag is still enabled in most of the AOSP based releases , Can we remove this in production builds . .
  • From: Ravi Kumar <nxp.ravi@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: Reset SELinux booleans
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH v3] libsepol, secilc: Fix build for Android
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH] selinux: Print 'sclass' as string when unrecognized netlink message occurs
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• Re: [PATCH v3] libsepol, secilc: Fix build for Android
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH v3] libsepol, secilc: Fix build for Android
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] selinux: Print 'sclass' as string when unrecognized netlink message occurs
  • From: Marek Milkovic <mmilkovi@xxxxxxxxxx>
• Re: [PATCH] libsepol: Fix build for Android.
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• [PATCH v2] libsepol: Fix build for Android.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libsepol: Fix build for Android.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH] libsepol: Fix build for Android.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux patches for 4.1
  • From: James Morris <jmorris@xxxxxxxxx>
• [GIT PULL] SELinux patches for 4.1
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: Fwd: Booting time is increased after applying kernel 3.10
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Fwd: Booting time is increased after applying kernel 3.10
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Fwd: Booting time is increased after applying kernel 3.10
  • From: Ravi Kumar <nxp.ravi@xxxxxxxxx>
• [PATCH 1/3 v5] libsepol, policycoreutils: Move functions to convert a module package to CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 0/3 v5] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH 2/3 v5] libsepol: add function to generate CIL from a module policydb
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 3/3 v5] checkpolicy: Add support for generating CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 0/3 v5] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 0/3 v4] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH 1/3 v4] libsepol, policycoreutils: Move functions to convert a module package to CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 2/3 v4] libsepol: add function to generate CIL from a module policydb
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 3/3 v4] checkpolicy: Add support for generating CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 0/3 v4] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 2/3 v3] libsepol: add function to generate CIL from a module policydb
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• tycho.nsa.gov mailing list memberships reminder
  • From: mailman-owner@xxxxxxxxxxxxx
• Re: [PATCH 2/3 v3] libsepol: add function to generate CIL from a module policydb
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 3/3 v3] checkpolicy: Add support for generating CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 2/3 v3] libsepol: add function to generate CIL from a module policydb
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH 0/3 v3] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH 3/3 v3] checkpolicy: Add support for generating CIL
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• RE: [PATCH 0/3 v3] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• [PATCH 1/3 v3] libsepol, policycoreutils: Move functions to convert a module package to CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 3/3 v3] checkpolicy: Add support for generating CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 2/3 v3] libsepol: add function to generate CIL from a module policydb
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 0/3 v3] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH v2 1/1] libsepol: Move secilc out of libsepol
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH v2 1/1] libsepol: Move secilc out of libsepol
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• RE: [PATCH] libsepol: Move secilc out of libsepol
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• Re: Interpreter name reported in AVC comm field
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Interpreter name reported in AVC comm field
  • From: "Minear, Spencer" <Spencer_Minear@xxxxxxxxxx>
• [PATCH 1/3 v2] libsepol, policycoreutils: Move functions to convert a module package to CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 3/3 v2] checkpolicy: Add support for generating CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 2/3 v2] libsepol: add function to generate CIL from a module policydb
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 0/3 v2] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH] libsepol: Move secilc out of libsepol
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH v2] run_init: Use a ring buffer in open_init_pty
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] run_init: fix open_init_pty avaibility check
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Policy Constraints
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: Policy Constraints
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Policy Constraints
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: [PATCH 1/3] selinux: convert avtab hash table to flex_array
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [PATCH 1/3] libsepol, policycoreutils: Move functions to convert a module package to CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 3/3] checkpolicy: Add support for generating CIL
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 2/3] libsepol: add function to generate CIL from a module policydb
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• [PATCH 0/3] libsepol, policycoreutils, and checkpolicy: Add support for generating CIL to libsepol and checkpolicy
  • From: James Carter <jwcart2@xxxxxxxxxxxxx>
• Re: [PATCH] libsepol: Move secilc out of libsepol
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libsepol: Move secilc out of libsepol
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• Re: [PATCH] libsepol: Move secilc out of libsepol
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libsepol: Move secilc out of libsepol
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• Re: [PATCH] selinuxfs: Fix sel_write_enforce broken return value
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• [GIT PULL] SELinux fixes for 3.20 #2
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• Re: Is there a macro for this?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Is there a macro for this?
  • From: Jason Zaman <jason@xxxxxxxxxxxxx>
• Is there a macro for this?
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• [PATCH 3/3] selinux: increase avtab max buckets
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH 2/3] selinux: Use a better hash function for avtab
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH 1/3] selinux: convert avtab hash table to flex_array
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] selinuxfs: Fix sel_write_enforce broken return value
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] selinuxfs: Fix sel_write_enforce broken return value
  • From: Joe Perches <joe@xxxxxxxxxxx>
• [PATCH v2] run_init: Use a ring buffer in open_init_pty
  • From: Jason Zaman <jason@xxxxxxxxxxxxx>
• Re: Added project policy code and got "semodule_package: ..."
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: Added project policy code and got "semodule_package: ..."
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Added project policy code and got "semodule_package: ..."
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Brandon Whalen <brandon@xxxxxxxxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Mike Palmiotto <mpalmiotto@xxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: [PATCH] libsepol: Fix building Xen policy with devicetreecon
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Brandon Whalen <brandon@xxxxxxxxxxxxxxxxx>
• [PATCH] libsepol: Fix building Xen policy with devicetreecon
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: [PATCH v3 0/3] Xen/FLASK policy updates for device contexts
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: [PATCH v3 0/3] Xen/FLASK policy updates for device contexts
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Reset SELinux booleans
  • From: Aleksey Chudov <aleksey.chudov@xxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Brandon Whalen <brandon@xxxxxxxxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: [PATCH v3 0/3] Xen/FLASK policy updates for device contexts
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Brandon Whalen <brandon@xxxxxxxxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: Trying to update sysadm module in CLIP
  • From: Spencer Shimko <spencer@xxxxxxxxxxxxxxxxx>
• Trying to update sysadm module in CLIP
  • From: John Chludzinski <john.chludzinski@xxxxxxxxxxx>
• Re: [PATCH] libsepol: bool_copy_callback set state on creation
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: [PATCH] libsepol: bool_copy_callback set state on creation
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libsepol: bool_copy_callback set state on creation
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: [PATCH] libsemanage: Fix logic in bunzip for uncompressed pp files
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libsemanage: Fix logic in bunzip for uncompressed pp files
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: [PATCH] libsemanage: Change bunzip to use heap instead of stack for buffer.
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• New Article on Future Docker Security.
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: 答复: Got some problem when using the type_transition, look for some helps! thank you!
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• 答复: Got some problem when using the type_transition, look for some helps! thank you!
  • From: kuangjiou <kuangjiou@xxxxxxxxxx>
• Re: [PATCH] libsemanage: Change bunzip to use heap instead of stack for buffer.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libsemanage: Change bunzip to use heap instead of stack for buffer.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH v3 0/3] Xen/FLASK policy updates for device contexts
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libsemanage: fix fname[] initialization in test_utilities.c
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Got some problem when using the type_transition, look for some helps! thank you!
  • From: Milos Malik <mmalik@xxxxxxxxxx>
• Re: Got some problem when using the type_transition, look for some helps! thank you!
  • From: Milos Malik <mmalik@xxxxxxxxxx>
• Got some problem when using the type_transition, look for some helps! thank you!
  • From: kuangjiou <kuangjiou@xxxxxxxxxx>
• [PATCH 2/3] libsepol, checkpolicy: widen Xen IOMEM ocontext entries
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 3/3] libsepol, checkpolicy: add device tree ocontext nodes to Xen policy
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 1/3] checkpolicy: Expand allowed character set in paths
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH v3 0/3] Xen/FLASK policy updates for device contexts
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• RE: selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• RE: selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: SE Linux savvy union FS?
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• SE Linux savvy union FS?
  • From: "Minear, Spencer" <Spencer_Minear@xxxxxxxxxx>
• Re: Saltstack and ipa-install on Centos7 failing
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Miroslav Grepl <mgrepl@xxxxxxxxxx>
• [PATCH] libsemanage: fix fname[] initialization in test_utilities.c
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• RE: selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: Saltstack and ipa-install on Centos7 failing
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: Strange behavior: type boundaries
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Fix -Wformat errors
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Strange behavior: type boundaries
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• RE: selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• RE: selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: Saltstack and ipa-install on Centos7 failing
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: selinux category relabel (puppet)
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Saltstack and ipa-install on Centos7 failing
  • From: Andrew Holway <andrew.holway@xxxxxxxxxxxxxxxxxxxxx>
• [PATCH] Fix -Wformat errors
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• selinux category relabel (puppet)
  • From: "Higgs, Stephen" <Stephen.Higgs@xxxxxxxx>
• Re: [PATCH] Fix -Wformat errors
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] Fix -Wformat errors
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [PATCH] Fix -Wformat errors
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] Fix -Wformat errors
  • From: Petr Lautrbach <plautrba@xxxxxxxxxx>
• Re: [Xen-devel] [PATCH 2/3] libsepol, checkpolicy: widen Xen IOMEM ocontext entries
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
• Re: [Xen-devel] [PATCH 2/4] Add device tree ocontext nodes to Xen policy
  • From: Julien Grall <julien.grall@xxxxxxxxxx>
• [PATCH 3/3] libsepol, checkpolicy: add device tree ocontext nodes to Xen policy
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 2/3] libsepol, checkpolicy: widen Xen IOMEM ocontext entries
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 1/3] checkpolicy: Expand allowed character set in paths
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH v2 0/3] Xen/FLASK policy updates for device contexts
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• Re: [PATCH 3/4] checkpolicy: add output for Xen policy version support
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [Xen-devel] [PATCH 1/4] Expand Xen IOMEMCON to 64 bits
  • From: Julien Grall <julien.grall@xxxxxxxxxx>
• Re: [Xen-devel] [PATCH 2/4] Add device tree ocontext nodes to Xen policy
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• Re: [Xen-devel] [PATCH 2/4] Add device tree ocontext nodes to Xen policy
  • From: Julien Grall <julien.grall@xxxxxxxxxx>
• [PATCH 4/4] checkpolicy: Expand allowed character set in paths
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 1/4] Expand Xen IOMEMCON to 64 bits
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 2/4] Add device tree ocontext nodes to Xen policy
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 3/4] checkpolicy: add output for Xen policy version support
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• [PATCH 0/4] Xen/FLASK policy updates for device contexts
  • From: Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
• Re: [PATCH] checkpolicy: Fix precedence between number and filesystem tokens.
  • From: Jeffrey Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH] checkpolicy: Fix precedence between number and filesystem tokens.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] avc: remove unnecessary pointer reassignment
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Tuning Docker with the newest security enhancements
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: [PATCH] avc: remove unnecessary pointer reassignment
  • From: Paul Moore <paul@xxxxxxxxxxxxxx>
• Re: Cross-compile for arm architecture
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Cross-compile for arm architecture
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Cross-compile for arm architecture
  • From: Emre Can Kucukoglu <eckucukoglu@xxxxxxxxx>
• [PATCH 1/2] libsepol: clean up the CIL API
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH 2/2] libsemanage: use the new CIL API
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH 0/2] Add option to remove HLL files and fix memory leaks
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Re: [PATCH] avc: remove unnecessary pointer reassignment
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] avc: remove unnecessary pointer reassignment
  • From: Nick Kralevich <nnk@xxxxxxxxxx>
• [PATCH] avc: remove unnecessary pointer reassignment
  • From: Jeff Vander Stoep <jeffv@xxxxxxxxxx>
• [PATCH 1/2] libsemanage: Add option to remove HLL files after compilation
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• [PATCH 2/2] libsemanage: Fix memory leaks when parsing semanage.conf
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• [PATCH 0/2] Add option to remove HLL files and fix memory leaks
  • From: Yuli Khodorkovskiy <ykhodorkovskiy@xxxxxxxxxx>
• Re: [PATCH] libsemanage: Change bunzip to use heap instead of stack for buffer.
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH] libsemanage: Change bunzip to use heap instead of stack for buffer.
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: [PATCH] libsepol: Update CIL documentation
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• Fwd: [PATCH] fgets function warnings fix
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Cross-compile for arm architecture
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Cross-compile for arm architecture
  • From: Emre Can Kucukoglu <eckucukoglu@xxxxxxxxx>
• Re: [PATCH] libsepol: Update CIL documentation
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• [PATCH] libsepol: Update CIL documentation
  • From: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
• Re: typo in semanage-port.8 (patch)
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• typo in semanage-port.8 (patch)
  • From: Andrew Spiers <andrew@xxxxxxxxxxxxxxxx>
• [PATCH] libselinux: sefcontext_compile: handle newlines in file names
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: label_file: handle newlines in file names
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH] libselinux: label_file: handle newlines in file names
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH] libselinux: label_file: handle newlines in file names
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Fwd: [PATCH] proc.5: Fix SELinux /proc/pid/attr/current example.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• [PATCH] libselinux: getcon.3: Fix setcon description.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [PATCH 1/1] Fix error path in mls_semantic_level_expand().
  • From: Steve Lawrence <slawrence@xxxxxxxxxx>
• [PATCH 1/1] Fix error path in mls_semantic_level_expand().
  • From: Chris PeBenito <cpebenito@xxxxxxxxxx>
• Re: MCS error
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: MCS error
  • From: Joshua Brindle <brindle@xxxxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: Odd occurrence of /sbin/setfiles running
  • From: Daniel J Walsh <dwalsh@xxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: Odd occurrence of /sbin/setfiles running
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Thomas Hurd <thurd@xxxxxxxxxx>
• Re: MCS error
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: MCS error
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Odd occurrence of /sbin/setfiles running
  • From: Mark Lee <markleee50@xxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: MCS error
  • From: Dominick Grift <dac.override@xxxxxxxxx>
• Re: MCS error
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• MCS error
  • From: Tracy Reed <treed@xxxxxxxxxxxxxxx>
• Re: [PATCH] libselinux: fix audit2why error handling if SELinux is disabled.
  • From: Colin Walters <walters@xxxxxxxxxx>
• [PATCH] selinux: reconcile security_netlbl_secattr_to_sid() and mls_import_netlbl_cat()
  • From: Paul Moore <pmoore@xxxxxxxxxx>
• [PATCH] libselinux: fix audit2why error handling if SELinux is disabled.
  • From: Stephen Smalley <sds@xxxxxxxxxxxxx>
• Re: [GIT PULL] SELinux fixes for 3.20 #1
  • From: James Morris <jmorris@xxxxxxxxx>