Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
[RFC PATCH userspace 0/6] Parallel setfiles/restorecon,
Ondrej Mosnacek
[GIT PULL] SELinux fixes for v5.12 (#1),
Paul Moore
[PATCH] libsepol/cil: Allow permission expressions when using map classes,
James Carter
[PATCH V2] libsepol/cil: Exit with an error if declaration name is a reserved word, James Carter
[PATCH userspace] policycoreutils/setfiles: do not create useless setfiles.8.man file,
Ondrej Mosnacek
[PATCH v2] selinux: vsock: Set SID for socket returned by accept(),
David Brazdil
[PATCH v2] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\", Nicolas Iooss
[PATCH v3 0/3] selinux: policy load fixes,
Ondrej Mosnacek
[PATCH v2 0/3] Split security_task_getsecid() into subj and obj variants,
Paul Moore
[PATCH] libsepol/cil: More strict verification of constraint leaf expressions, James Carter
[PATCH] libsepol/cil: Exit with an error if declaration name is a reserved word,
James Carter
Re: deadlock bug related to bpf,audit subsystems,
Paul Moore
[PATCH] libsepol/cil: Set class field to NULL when resetting struct cil_classperms, James Carter
[PATCH] libsepol/cil: cil_reset_classperms_set() should not reset classpermission, James Carter
Weird bug in NFS/SELinux,
Ondrej Mosnacek
[PATCH] libsepol/cil: Destroy classperm list when resetting map perms, James Carter
[PATCH] libsepol/cil: Destroy classperms list when resetting classpermission,
James Carter
[PATCH] selinux: vsock: Set SID for socket returned by accept(),
David Brazdil
libsepol/cil: use after free with optional classpermissionset, Nicolas Iooss
[PATCH 1/1] libsepol: make num_* unsigned int in module_to_cil,
Nicolas Iooss
[PATCH 1/4] libsepol/cil: Allow lists in constraint expressions,
James Carter
[PATCH 1/2] libsepol: Write "NO_IDENTIFIER" for empty constraint expression,
James Carter
[PATCH] xfs: use has_capability_noaudit() instead of capable() where appropriate,
Ondrej Mosnacek
[PATCH] libsepol/cil: Check for duplicate blocks, optionals, and macros,
James Carter
[PATCH v2] vfs: fix fsconfig(2) LSM mount option handling for btrfs,
Ondrej Mosnacek
libsepol/cil: type confusion between macro and optional leads to heap-buffer-overflow in cil_copy_macro,
Nicolas Iooss
[PATCH 1/2 v2] checkpolicy: Do not automatically upgrade when using "-b" flag,
James Carter
[PATCH 1/6] libsepol/cil: fix out-of-bound read of a file context pattern ending with "\",
Nicolas Iooss
[PATCH] libsepol: Remove unnecessary copying of declarations from link.c,
James Carter
[PATCH 1/2] checkpolicy: Do not automatically upgrade when using "-b" flag,
James Carter
[PATCH] libsepol: Expand role attributes in constraint expressions,
James Carter
Role attributes in traditional language constraints,
Christian Göttsche
[PATCH] libsepol: Properly handle types associated to role attributes,
James Carter
[PATCH] object_classes_permissions.md: Add anon_inode class,
Richard Haines
[PATCH v25 00/25] LSM: Module stacking for AppArmor,
Casey Schaufler
- [PATCH v25 01/25] LSM: Infrastructure management of the sock security, Casey Schaufler
- [PATCH v25 02/25] LSM: Add the lsmblob data structure., Casey Schaufler
- [PATCH v25 03/25] LSM: provide lsm name and id slot mappings, Casey Schaufler
- [PATCH v25 04/25] IMA: avoid label collisions with stacked LSMs, Casey Schaufler
- [PATCH v25 05/25] LSM: Use lsmblob in security_audit_rule_match, Casey Schaufler
- [PATCH v25 06/25] LSM: Use lsmblob in security_kernel_act_as, Casey Schaufler
- [PATCH v25 07/25] LSM: Use lsmblob in security_secctx_to_secid, Casey Schaufler
- [PATCH v25 08/25] LSM: Use lsmblob in security_secid_to_secctx, Casey Schaufler
- [PATCH v25 09/25] LSM: Use lsmblob in security_ipc_getsecid, Casey Schaufler
- [PATCH v25 10/25] LSM: Use lsmblob in security_task_getsecid, Casey Schaufler
- [PATCH v25 11/25] LSM: Use lsmblob in security_inode_getsecid, Casey Schaufler
- [PATCH v25 12/25] LSM: Use lsmblob in security_cred_getsecid, Casey Schaufler
- [PATCH v25 13/25] IMA: Change internal interfaces to use lsmblobs, Casey Schaufler
- [PATCH v25 14/25] LSM: Specify which LSM to display, Casey Schaufler
- [PATCH v25 15/25] LSM: Ensure the correct LSM context releaser, Casey Schaufler
- [PATCH v25 16/25] LSM: Use lsmcontext in security_secid_to_secctx, Casey Schaufler
- [PATCH v25 17/25] LSM: Use lsmcontext in security_inode_getsecctx, Casey Schaufler
- [PATCH v25 18/25] LSM: security_secid_to_secctx in netlink netfilter, Casey Schaufler
- [PATCH v25 19/25] NET: Store LSM netlabel data in a lsmblob, Casey Schaufler
- [PATCH v25 20/25] LSM: Verify LSM display sanity in binder, Casey Schaufler
- [PATCH v25 21/25] audit: add support for non-syscall auxiliary records, Casey Schaufler
- [PATCH v25 22/25] Audit: Add new record for multiple process LSM attributes, Casey Schaufler
- [PATCH v25 23/25] Audit: Add a new record for multiple object LSM attributes, Casey Schaufler
- [PATCH v25 24/25] LSM: Add /proc attr entry for full LSM context, Casey Schaufler
- [PATCH v25 25/25] AppArmor: Remove the exclusive flag, Casey Schaufler
[PATCH] libsepol/checkpolicy: Set user roles using role value instead of dominance,
James Carter
[PATCH] security/selinux/include/: fix misspellings using codespell tool,
menglong8 . dong
[PATCH] security/selinux/ss: fix misspellings using codespell tool,
menglong8 . dong
ANN: SPAN docker images, Karl MacMillan
ANN: SETools 4.4.0, Chris PeBenito
Quick announcement on the selinux/next and audit/next branches,
Paul Moore
[PATCH] cipso,calipso: resolve a number of problems with the DOI refcounts,
Paul Moore
ANN: SELinux userspace release 3.2, Petr Lautrbach
[PATCH v3 1/1] mm/madvise: replace ptrace attach requirement for process_madvise,
Suren Baghdasaryan
[PATCH testsuite 0/3] perf_event: fixes and cleanups,
Ondrej Mosnacek
[PATCH testsuite] lockdown: use debugfs/tracefs to test lockdown permissions,
Ondrej Mosnacek
[PATCH userspace] fixfiles: do not exclude /dev and /run in -C mode,
Ondrej Mosnacek
[PATCH 09/11] pragma once: convert scripts/selinux/genheaders/genheaders.c,
Alexey Dobriyan
[PATCH] libsepol: invalidate the pointer to the policydb if policydb_init fails,
Nicolas Iooss
[PATCH 1/1] restorecond: invalidate local_lock_fd properly when closing it,
Nicolas Iooss
[PATCH] libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr,
lutianxiong
[PATCH] perf/core: fix unconditional security_locked_down() call,
Ondrej Mosnacek
Rename 'master' branch to 'main',
Petr Lautrbach
ANN: SELinux userspace 3.2-rc3 release candidate,
Petr Lautrbach
[BUG] Race between policy reload sidtab conversion and live conversion,
Tyler Hicks
[PATCH] sepolicy: Do not try to load policy on import,
Petr Lautrbach
Re: [PATCH] powerpc/perf: Fix handling of privilege level checks in perf interrupt context, Ondrej Mosnacek
[PATCH] IMA: Add test for selinux measurement,
Lakshmi Ramasubramanian
[PATCH v3] policycoreutils: sestatus belongs to bin not sbin,
bauen1
[PATCH] libsepol/cil: handle SID without assigned context when writing policy.conf,
Christian Göttsche
[RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants,
Paul Moore
[PATCH v3 1/3] [security] Add new hook to compare new mount to an existing mount,
Olga Kornievskaia
[PATCH v3 1/2] [security] Add new hook to compare new mount to an existing mount,
Olga Kornievskaia
[PATCH v2 1/2] [security] Add new hook to compare new mount to an existing mount,
Olga Kornievskaia
security_task_getsecid() and subjective vs objective task creds,
Paul Moore
[PATCH] secilc: fixes cil_role_statements.md example,
Dominick Grift
[PATCH] libselinux: rename gettid() to something which never conflicts with the libc,
Nicolas Iooss
[PATCH] gui: fix "file type" selection in fcontextPage,
Vit Mojzis
[PATCH 1/2] libselinux: fix segfault in add_xattr_entry(),
Petr Lautrbach
[PATCH] RTIC: selinux: ARM64: Move selinux_state to a separate page,
Preeti Nagar
[GIT PULL] SELinux patches for v5.12,
Paul Moore
selinux-testsuite failures with selinux-policy-3.14.8-1,
Paul Moore
[PATCH] policycoretuils: sestatus belongs to bin not sbin,
bauen1
[PATCH 1/2] [security] Add new hook to compare new mount to an existing mount,
Olga Kornievskaia
[PATCH v2 0/2] selinux: policy load fixes,
Ondrej Mosnacek
[PATCH v3] selinux: measure state and policy capabilities,
Lakshmi Ramasubramanian
Defining SELinux users, "Unable to get valid context...". Help!,
Peter Whittaker
[PATCH][v2] selinux: Allow context mounts for unpriviliged overlayfs,
Vivek Goyal
alternative to glblub defaultrange, bauen1
[PATCH] selinux(8,5): Describe fcontext regular expressions,
Vit Mojzis
[PATCH] selinux: Allow context mounts for unpriviliged overlayfs,
Vivek Goyal
Recommended value in CONFIG_LSM option on SELinux system?,
Nicolas Iooss
[ANNOUNCE][CFP] Linux Security Summit 2021,
James Morris
[PATCH] libsepol/cil: Destroy disabled optional blocks after pass is complete,
James Carter
[PATCH] selinux: fix variable scope issue in live sidtab conversion,
Ondrej Mosnacek
[PATCH 0/2] libsepol: Validate policydb values when reading binary,
James Carter
[PATCH] libsepol: Eliminate gaps in the policydb role arrays,
James Carter
[PATCH 1/3] libsepol/cil: fix NULL pointer dereference with empty macro argument,
Nicolas Iooss
[PATCH] libsepol/cil: Fix integer overflow in the handling of hll line marks,
James Carter
[PATCH 1/2] secilc/docs: use fenced code blocks for cil examples, bauen1
[RFC][PATCH 0/2] keys: request_key() interception in containers,
David Howells
[PATCH RESEND v5] proc: Allow pid_revalidate() during LOOKUP_RCU,
Stephen Brennan
[PATCH 2/2] secilc/docs: add syntax highlighting for secil, bauen1
[PATCH 0/2] secilc/docs: add syntax highlighting for cil examples,
bauen1
[PATCH 1/2] libselinux/getconlist: report failures,
Christian Göttsche
ANN: Reference Policy 2.20210203, Chris PeBenito
ANN: SELinux userspace 3.2-rc2 release candidate, Petr Lautrbach
[PATCH 1/3] libsepol: remove unused files,
Nicolas Iooss
libsepol/cil: use-after-free with optional+class common,
Nicolas Iooss
[PATCH V2] libsepol/cil: Fix heap-use-after-free when using optional blockinherit,
James Carter
libsepol: signed integer overflow in the HLL line counter of CIL compiler,
Nicolas Iooss
[PATCH v3 1/1] process_madvise.2: Add process_madvise man page,
Suren Baghdasaryan
[PATCH 1/1] libsepol/cil: unlink blockinherit->block link when destroying a block,
Nicolas Iooss
[PATCH v2 1/1] scripts/release: make the script more robust, and release a source repository snapshot,
Nicolas Iooss
[PATCH] setfiles: drop now unused static variable,
Christian Göttsche
[PATCH] policycoreutils/setfiles: Drop unused nerr variable,
Petr Lautrbach
[PATCH] libsepol/cil: fix memory leak when a constraint expression is too deep,
Nicolas Iooss
[PATCH] libsepol/cil: fix heap-use-after-free when using optional blockinherit,
Nicolas Iooss
[PATCH v3] libsemanage: sync filesystem with sandbox,
Petr Lautrbach
[PATCH 1/1] scripts/release: make the script more robust and direct, Nicolas Iooss
[PATCH 0/3] support for duplicate measurement of integrity critical data,
Tushar Sugandhi
[PATCH] scripts/release: Release also tarball with everything,
Petr Lautrbach
[PATCH v2] selinux: measure state and policy capabilities,
Lakshmi Ramasubramanian
[PATCH v2 1/1] process_madvise.2: Add process_madvise man page,
Suren Baghdasaryan
Re: [PATCH v2 1/1] process_madvise.2: Add process_madvise man page, Michael Kerrisk (man-pages)
[PATCH] libsemanage: sync filesystem with sandbox,
Petr Lautrbach
[PATCH] selinux-notebook: Add policy version 33 requirements,
Richard Haines
[PATCH] selinux-notebook: Add new section for Embedded Systems,
Richard Haines
[PATCH v24 00/25] LSM: Module stacking for AppArmor,
Casey Schaufler
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
