Security Enhanced Linux (SELINUX)

Date Index

[Prev Page][Next Page]

[PATCH 2/2] sestatus: show checkreqprot status, (continued)
open permission is sometimes spelled recvfrom, Stephen Smalley
- Re: open permission is sometimes spelled recvfrom, Paul Moore
[PATCH 1/6] Revert "policycoreutils: let output of `fixfiles` be redirected (as normal)", Alan Jenkins
- [PATCH 5/6] policycoreutils: fixfiles: move logit call outside of redirected function, Alan Jenkins
- [PATCH 3/6] policycoreutils: fixfiles: clarify exclude_dirs(), Alan Jenkins
- [PATCH 4/6] policycoreutils: fixfiles: fix logging about R/O filesystems, Alan Jenkins
- [PATCH 2/6] policycoreutils: fixfiles: remove (broken) redundant code, Alan Jenkins
- [PATCH 6/6] policycoreutils: fixfiles: deprecate -l option, Alan Jenkins
- Re: [PATCH 1/6] Revert "policycoreutils: let output of `fixfiles` be redirected (as normal)", Dominick Grift
  - Re: [PATCH 1/6] Revert "policycoreutils: let output of `fixfiles` be redirected (as normal)", Dominick Grift
- Re: [PATCH 1/6] Revert "policycoreutils: let output of `fixfiles` be redirected (as normal)", James Carter
[PATCH] libsepol: Add INCLUDEDIR to utils/Makefile, Petr Lautrbach
- Re: [PATCH] libsepol: Add INCLUDEDIR to utils/Makefile, Petr Lautrbach
  - Re: [PATCH] libsepol: Add INCLUDEDIR to utils/Makefile, Stephen Smalley
  - Re: [PATCH] libsepol: Add INCLUDEDIR to utils/Makefile, Petr Lautrbach
    - [PATCH] libsepol/utils: Fix build without system sepol.h, Petr Lautrbach
      - Re: [PATCH] libsepol/utils: Fix build without system sepol.h, Stephen Smalley
[PATCH 1/2] libselinux/utils: add noreturn attribute to selinux_check_access's usage, Nicolas Iooss
- [PATCH 2/2] libsepol: silence false-positive -Wwrite-strings warning, Nicolas Iooss
  - Re: [PATCH 2/2] libsepol: silence false-positive -Wwrite-strings warning, Stephen Smalley
semanage: is __default__ login map required?, Arnold, Paul C CTR USARMY PEO STRI (US)
- Re: semanage: is __default__ login map required?, Stephen Smalley
  - Re: semanage: is __default__ login map required?, Stephen Smalley
    - Re: semanage: is __default__ login map required?, Arnold, Paul C CTR USARMY PEO STRI (US)
      - Re: semanage: is __default__ login map required?, Karl Macmillan
Policy capabilities: when to use and complications with using, Stephen Smalley
- Re: Policy capabilities: when to use and complications with using, Dominick Grift
  - Re: Policy capabilities: when to use and complications with using, Stephen Smalley
  - Re: Policy capabilities: when to use and complications with using, Paul Moore
    - Re: Policy capabilities: when to use and complications with using, Dominick Grift
      - Re: Policy capabilities: when to use and complications with using, Dominick Grift
        
        Re: Policy capabilities: when to use and complications with using, Petr Lautrbach
        
        Re: Policy capabilities: when to use and complications with using, Dominick Grift
        
        Re: Policy capabilities: when to use and complications with using, Paul Moore
- Re: Policy capabilities: when to use and complications with using, James Carter
  - Re: Policy capabilities: when to use and complications with using, Chris PeBenito
    - Re: Policy capabilities: when to use and complications with using, Dominick Grift
  - Re: Policy capabilities: when to use and complications with using, Paul Moore
    - Re: Policy capabilities: when to use and complications with using, Stephen Smalley
      - Re: Policy capabilities: when to use and complications with using, Paul Moore
        
        Re: Policy capabilities: when to use and complications with using, Stephen Smalley
        
        Re: Policy capabilities: when to use and complications with using, Paul Moore
MLS on centos 7, Naina Emmanuel
Several sepolicy fixes from Fedora, Petr Lautrbach
- [PATCH 01/19] policycoreutils/sepolicy: Add documentation for MCS separated domains, Petr Lautrbach
- [PATCH 02/19] sepolicy: Fix spelling mistakes in commands in generated manpages, Petr Lautrbach
- [PATCH 03/19] sepolicy: Add manpages for typealiased types, Petr Lautrbach
- [PATCH 04/19] sepolicy: Move svirt man page out of libvirt into its own, Petr Lautrbach
- [PATCH 05/19] policycoreutils/sepolicy: boolean.png is in help/, Petr Lautrbach
- [PATCH 06/19] Fix up generation of application policy, Petr Lautrbach
- [PATCH 07/19] sepolicy: ptrace should be a part of deny_ptrace boolean in TEMPLATETYPE_admin, Petr Lautrbach
- [PATCH 08/19] sepolicy: We should be creating _exec interfaces when we create the domtrans interface, Petr Lautrbach
- [PATCH 09/19] Fix typo in executable.py template., Petr Lautrbach
- [PATCH 10/19] sepolicy: Adapt to new the semodule list output, Petr Lautrbach
- [PATCH 11/19] sepolicy: Don't return filter(), use [ ] notation instead, Petr Lautrbach
- [PATCH 12/19] sepolicy: Simplify policy types detection, Petr Lautrbach
- [PATCH 13/19] sepolicy/generate.py: Fix string formatting, Petr Lautrbach
- [PATCH 14/19] policycoreutils/sepolicy: Define our own cmp(), Petr Lautrbach
- [PATCH 15/19] dbus: Use text streams in selinux_server.py, Petr Lautrbach
- [PATCH 16/19] sepolicy: setools.*Query wants a list in ruletype, Petr Lautrbach
- [PATCH 17/19] sepolicy: Fix several issues in 'sepolicy manpage -a', Petr Lautrbach
- [PATCH 18/19] sepolicy: info() should provide attributes for a TYPE, Petr Lautrbach
- [PATCH 19/19] sepolicy/gui: Update text strings to use better gettext templates, Petr Lautrbach
  - Re: [PATCH 19/19] sepolicy/gui: Update text strings to use better gettext templates, Stephen Smalley
[PATCH] libselinux: Remove util/selinux_restorecon.c, Richard Haines
- Re: [PATCH] libselinux: Remove util/selinux_restorecon.c, Stephen Smalley
[PATCH] libselinux: Add selinux_check_access utility, Richard Haines
[PATCH V2] libselinux: Add permissive= entry to avc audit log, Richard Haines
- Re: [PATCH V2] libselinux: Add permissive= entry to avc audit log, Dominick Grift
  - Re: [PATCH V2] libselinux: Add permissive= entry to avc audit log, Richard Haines
- Re: [PATCH V2] libselinux: Add permissive= entry to avc audit log, Stephen Smalley
Re: [PATCH security-next 2/2] selinux: use pernet operations for hook registration, Paul Moore
- Re: [PATCH security-next 2/2] selinux: use pernet operations for hook registration, Paul Moore
is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Colin Walters
- Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Stephen Smalley
  - Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Colin Walters
    - Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Colin Walters
      - Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Stephen Smalley
        
        Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Dominick Grift
        
        Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Stephen Smalley
        
        Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Daniel Walsh
        
        Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Dominick Grift
    - Re: is_selinux_enabled() always returns 0 after selinux_set_policy_root(), Stephen Smalley
[PATCH 1/3] selinux: Implement LSM notification system, Sebastien Buisson
- [PATCH 2/3] selinux: add checksum to policydb, Sebastien Buisson
  - Re: [PATCH 2/3] selinux: add checksum to policydb, Stephen Smalley
    - Re: [PATCH 2/3] selinux: add checksum to policydb, Sebastien Buisson
      - Re: [PATCH 2/3] selinux: add checksum to policydb, Stephen Smalley
        
        Re: [PATCH 2/3] selinux: add checksum to policydb, Sebastien Buisson
        
        Re: [PATCH 2/3] selinux: add checksum to policydb, Stephen Smalley
        
        Re: [PATCH 2/3] selinux: add checksum to policydb, Sebastien Buisson
        
        Re: [PATCH 2/3] selinux: add checksum to policydb, Stephen Smalley
        
        Re: [PATCH 2/3] selinux: add checksum to policydb, Sebastien Buisson
        
        Re: [PATCH 2/3] selinux: add checksum to policydb, Stephen Smalley
- [PATCH 3/3] selinux: expose policy SHA256 checksum via selinuxfs, Sebastien Buisson
  - Re: [PATCH 3/3] selinux: expose policy SHA256 checksum via selinuxfs, Stephen Smalley
    - Re: [PATCH 3/3] selinux: expose policy SHA256 checksum via selinuxfs, James Morris
- Re: [PATCH 1/3] selinux: Implement LSM notification system, Casey Schaufler
  - Re: [PATCH 1/3] selinux: Implement LSM notification system, Daniel Jurgens
    - Re: [PATCH 1/3] selinux: Implement LSM notification system, Sebastien Buisson
    - Re: [PATCH 1/3] selinux: Implement LSM notification system, Casey Schaufler
  - Re: [PATCH 1/3] selinux: Implement LSM notification system, Stephen Smalley
    - Re: [PATCH 1/3] selinux: Implement LSM notification system, Casey Schaufler
[PATCH] libselinux: Add permissive= entry to avc audit log, Richard Haines
- Re: [PATCH] libselinux: Add permissive= entry to avc audit log, Stephen Smalley
  - Re: [PATCH] libselinux: Add permissive= entry to avc audit log, Richard Haines
Docker daemon in enforcing state, Umair Sarfraz
- Re: Docker daemon in enforcing state, Daniel Walsh
[PATCH 1/7] policycoreutils: honour LINGUAS variable, Jason Zaman
- [PATCH 2/7] libselinux: get pcre CFLAGS/LDFLAGS from pkg-config, Jason Zaman
- [PATCH 3/7] libselinux: PCRE_LDFLAGS is actually LDLIBS, Jason Zaman
- [PATCH 4/7] Makefiles: drop -L/-I to system paths, Jason Zaman
- [PATCH 5/7] restorecond: get pcre cflags/libs from pkg-config, Jason Zaman
- [PATCH 6/7] Add includes for DESTDIR only in root Makefile, Jason Zaman
- [PATCH 7/7] policycoreutils: make audit and pam support configurable, Jason Zaman
  - Re: [PATCH 7/7] policycoreutils: make audit and pam support configurable, Stephen Smalley
[RFC PATCH 1/1] libselinux: Add support for selinux_check_access_flags, Richard Haines
[RFC PATCH 0/1] libselinux: Add support for selinux_check_access_flags, Richard Haines
- Re: [RFC PATCH 0/1] libselinux: Add support for selinux_check_access_flags, Stephen Smalley
  - Re: [RFC PATCH 0/1] libselinux: Add support for selinux_check_access_flags, Richard Haines
    - Re: [RFC PATCH 0/1] libselinux: Add support for selinux_check_access_flags, Stephen Smalley
[PATCH] security: hooks : Prevent security to persist in memory (PR #31), Pirabarlen-Cheenaramen
- Re: [PATCH] security: hooks : Prevent security to persist in memory (PR #31), Paul Moore
last call for selinux 2.7-rc1 release, Stephen Smalley
- Re: last call for selinux 2.7-rc1 release, Jason Zaman
  - Re: last call for selinux 2.7-rc1 release, Stephen Smalley
- Re: last call for selinux 2.7-rc1 release, Stephen Smalley
SELinux BoF at Open Source Summit Japan, 中村雄一 / NAKAMURA，YUUICHI
Updating offline the commit_num file, Eduardo Barretto
- Re: Updating offline the commit_num file, Stephen Smalley
[PATCH v2] selinux-testsuite: Add CAP_MAC_ADMIN tests, Stephen Smalley
[PATCH] selinux-testsuite: Add CAP_MAC_ADMIN tests, Stephen Smalley
[PATCH] selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks, Stephen Smalley
- Re: [PATCH] selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks, Paul Moore
  - Re: [PATCH] selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks, Stephen Smalley
    - Re: [PATCH] selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks, Paul Moore
- Re: [PATCH] selinux: only invoke capabilities and selinux for CAP_MAC_ADMIN checks, Paul Moore
[PATCH] libsemanage: remove lock files, Guido Trentalancia
- Re: [PATCH] libsemanage: remove lock files, Stephen Smalley
  - Re: [PATCH] libsemanage: remove lock files, Guido Trentalancia
    - Re: [PATCH] libsemanage: remove lock files, Stephen Smalley
      - Re: [PATCH] libsemanage: remove lock files, Guido Trentalancia
        
        Re: [PATCH] libsemanage: remove lock files, Stephen Smalley
      - Re: [PATCH] libsemanage: remove lock files, Guido Trentalancia
- Re: [PATCH] libsemanage: remove lock files, Alan Jenkins
  - Re: [PATCH] libsemanage: remove lock files, Alan Jenkins
    - Re: [PATCH] libsemanage: remove lock files, Guido Trentalancia
      - Re: [PATCH] libsemanage: remove lock files, Guido Trentalancia
        
        Re: [PATCH] libsemanage: remove lock files, Russell Coker
        
        [PATCH v2] libsemanage: remove lock files, Guido Trentalancia
        
        [PATCH v3] libsemanage: remove lock files, Guido Trentalancia
        
        Re: [PATCH v3] libsemanage: remove lock files, Jason Zaman
        
        Re: [PATCH v3] libsemanage: remove lock files, Stephen Smalley
        
        Re: [PATCH v3] libsemanage: remove lock files, Guido Trentalancia
        
        Re: [PATCH v3] libsemanage: remove lock files, Stephen Smalley
        
        Re: [PATCH v2] libsemanage: remove lock files, Russell Coker via Selinux
SELinux "filtering" capabilities?, Casey Schaufler
- Re: SELinux "filtering" capabilities?, Stephen Smalley
  - Re: SELinux "filtering" capabilities?, Casey Schaufler
[GIT PULL] SELinux patches for 4.12, Paul Moore via Selinux
- Re: [GIT PULL] SELinux patches for 4.12, James Morris
Cannot write policy to allow { relabelto }, Ian Pilcher
- Re: Cannot write policy to allow { relabelto }, Dominick Grift
  - Re: Cannot write policy to allow { relabelto }, Ian Pilcher
    - Re: Cannot write policy to allow { relabelto }, Dominick Grift
      - Re: Cannot write policy to allow { relabelto }, Ian Pilcher
        
        Re: Cannot write policy to allow { relabelto }, Dominick Grift
let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Dominick Grift
- Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Stephen Smalley
  - Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Dominick Grift
  - Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Daniel Walsh
    - Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Stephen Smalley
      - Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Dominick Grift
      - Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Dominick Grift
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Nicolas Iooss
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Stephen Smalley
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Daniel Walsh
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Nicolas Iooss
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Stephen Smalley
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Daniel Walsh
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Stephen Smalley
        
        Re: let's revert e3cab998b48ab293a9962faf9779d70ca339c65d, Daniel Walsh
[PATCH 0/2] show checkreqprot status in sestatus, Christian Göttsche
- [PATCH 1/2] libselinux: add security_checkreqprot, Christian Göttsche
  - Re: [PATCH 1/2] libselinux: add security_checkreqprot, Stephen Smalley
- [PATCH 2/2] sestatus: show checkreqprot status, Christian Göttsche
  - Re: [PATCH 2/2] sestatus: show checkreqprot status, Stephen Smalley
- Re: [PATCH 0/2] show checkreqprot status in sestatus, Christian Göttsche
[PATCH 0/2 v2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
- [PATCH 1/2 v2] libsepol/cil: Add ability to expand some attributes in binary policy, James Carter
- [PATCH 2/2 v2] secilc: Add options to control the expansion of attributes, James Carter
- Re: [PATCH 0/2 v2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
[PATCH 2/2] sestatus: show checkreqprot status, Christian Göttsche
[PATCH 1/2] libselinux: add security_checkreqprot, Christian Göttsche
- Re: [PATCH 1/2] libselinux: add security_checkreqprot, Nick Kralevich
  - Re: [PATCH 1/2] libselinux: add security_checkreqprot, Stephen Smalley
- Re: [PATCH 1/2] libselinux: add security_checkreqprot, Stephen Smalley
[PATCH] selinux: add selinux_is_enforced() function, Sebastien Buisson
- Re: [PATCH] selinux: add selinux_is_enforced() function, Paul Moore
  - Re: [PATCH] selinux: add selinux_is_enforced() function, Sebastien Buisson
    - Re: [PATCH] selinux: add selinux_is_enforced() function, Stephen Smalley
      - Re: [PATCH] selinux: add selinux_is_enforced() function, Sebastien Buisson
        
        Re: [PATCH] selinux: add selinux_is_enforced() function, Stephen Smalley
        
        Re: [PATCH] selinux: add selinux_is_enforced() function, Casey Schaufler
  - Re: [PATCH] selinux: add selinux_is_enforced() function, Sebastien Buisson
    - Re: [PATCH] selinux: add selinux_is_enforced() function, Stephen Smalley
      - Re: [PATCH] selinux: add selinux_is_enforced() function, Sebastien Buisson
        
        Re: [PATCH] selinux: add selinux_is_enforced() function, Stephen Smalley
        
        Re: [PATCH] selinux: add selinux_is_enforced() function, Sebastien Buisson
        
        Re: [PATCH] selinux: add selinux_is_enforced() function, Stephen Smalley
- Re: [PATCH] selinux: add selinux_is_enforced() function, Stephen Smalley
[PATCH] selinux: add selinux_status_get_seq() function, Sebastien Buisson
- Re: [PATCH] selinux: add selinux_status_get_seq() function, Paul Moore
- Re: [PATCH] selinux: add selinux_status_get_seq() function, Stephen Smalley
[PATCH 1/6] libsemanage: make semanage_..._destroy return void, Nicolas Iooss
- [PATCH 2/6] libsepol: cil: check cil_fill_list return value, Nicolas Iooss
- [PATCH 4/6] libselinux: getsebool: always free names, Nicolas Iooss
- [PATCH 3/6] libselinux: avoid calling strcmp() on a NULL pointer, Nicolas Iooss
- [PATCH 5/6] policycoreutils: newrole: do not free pw strings twice, Nicolas Iooss
- [PATCH 6/6] policycoreutils: newrole: always initialize pw fields, Nicolas Iooss
  - Re: [PATCH 6/6] policycoreutils: newrole: always initialize pw fields, Stephen Smalley
- Re: [PATCH 1/6] libsemanage: make semanage_..._destroy return void, Stephen Smalley
[PATCH v2] libsemanage: Save linked policy, skip re-link when possible, Stephen Smalley
[PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
- [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, James Carter
  - Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, Dominick Grift
    - Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, Dominick Grift
      - Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, James Carter
        
        Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, Dominick Grift
        
        Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, Dominick Grift
    - Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, James Carter
  - Re: [PATCH 1/2] libsepol/cil: Add ability to expand some attributes in binary policy, Jeffrey Vander Stoep
- [PATCH 2/2] secilc: Add options to control the expansion of attributes, James Carter
  - Re: [PATCH 2/2] secilc: Add options to control the expansion of attributes, Nicolas Iooss
    - Re: [PATCH 2/2] secilc: Add options to control the expansion of attributes, James Carter
- Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
  - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Jeffrey Vander Stoep
    - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Dominick Grift
- Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Dominick Grift
  - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
    - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
      - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Dominick Grift
    - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Dominick Grift
      - Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
        
        Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Dominick Grift
        
        Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, James Carter
        
        Re: [PATCH 0/2] libsepol and checkpolicy: Add ability to expand some attributes in binary policy, Dominick Grift
[PATCH] libsemanage: Save linked policy, skip re-link when possible, Stephen Smalley
refpolicy flask generator script, Christian Göttsche
- Re: refpolicy flask generator script, Stephen Smalley
[PATCH 1/3] libsepol: do not free attr_name twice, Nicolas Iooss
- [PATCH 2/3] libsepol: do not leak memory when an error occurs, Nicolas Iooss
- [PATCH 3/3] libsepol: correct spelling errors in module_to_cil.c comments, Nicolas Iooss
  - Re: [PATCH 3/3] libsepol: correct spelling errors in module_to_cil.c comments, Stephen Smalley
[PATCH 1/2] libsepol: do not seg fault on sepol_*_key_free(NULL), Stephen Smalley
- [PATCH 2/2] libsemanage: revert "Skip policy module re-link when only setting booleans.", Stephen Smalley
[PATCH 1/6] libselinux: do not dereference a NULL pointer when calloc() fails, Nicolas Iooss
- [PATCH 5/6] libsepol: refuse to load policies with no block, Nicolas Iooss
- [PATCH 4/6] libselinux: ensure that 4 columns are read from /proc/mounts, Nicolas Iooss
- [PATCH 2/6] libsemanage: drop checks on semanage_module_info_destroy() value, Nicolas Iooss
  - Re: [PATCH 2/6] libsemanage: drop checks on semanage_module_info_destroy() value, Stephen Smalley
- [PATCH 3/6] libselinux: make process_boolean() fail on invalid lines, Nicolas Iooss
  - Re: [PATCH 3/6] libselinux: make process_boolean() fail on invalid lines, Stephen Smalley
- [PATCH 6/6] libsepol: do not wrap integers when checking bound, Nicolas Iooss
  - Re: [PATCH 6/6] libsepol: do not wrap integers when checking bound, Stephen Smalley
MLS directory label inheritance rules, Nick Kralevich
- Re: MLS directory label inheritance rules, William Roberts
- Re: MLS directory label inheritance rules, Dominick Grift
- Re: MLS directory label inheritance rules, Stephen Smalley
  - Re: MLS directory label inheritance rules, Stephen Smalley
    - Re: MLS directory label inheritance rules, Dennis Sherrell
      - Re: MLS directory label inheritance rules, Joshua Brindle
      - Re: MLS directory label inheritance rules, William Roberts
      - Re: MLS directory label inheritance rules, Casey Schaufler
add CONFIG_SECURITY_SELINUX_LOAD_ONCE, Nick Kralevich
- RE: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, Roberts, William C
  - Re: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, Nick Kralevich
- Re: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, Tom Jones
  - Re: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, William Roberts
    - Re: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, Tom Jones
      - Re: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, William Roberts
        
        RE: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, thomasclinganjones
        
        RE: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, William Roberts
- Re: add CONFIG_SECURITY_SELINUX_LOAD_ONCE, Paul Moore
[PATCH] policycoreutils/load_policy: Drop is_selinux_enabled() check, Luis Ressel
- Re: [PATCH] policycoreutils/load_policy: Drop is_selinux_enabled() check, Stephen Smalley
Setting booleans causes duplicate ports in semanage listings, Carlos Rodrigues
newrole: pam_systemd fails after dbus message rejection, cgzones
- Re: newrole: pam_systemd fails after dbus message rejection, Stephen Smalley
security_bounded_transition, cgzones
- Re: security_bounded_transition, Stephen Smalley
  - Re: security_bounded_transition, Dominick Grift
    - Re: security_bounded_transition, Christian Göttsche via Selinux
      - Re: security_bounded_transition, Stephen Smalley
Confining a Java process reading file, Rahmadi Trimananda
- Re: Confining a Java process reading file, Stephen Smalley
  - Re: Confining a Java process reading file, Rahmadi Trimananda
    - Re: Confining a Java process reading file, Stephen Smalley
      - Re: Confining a Java process reading file, Rahmadi Trimananda
        
        Re: Confining a Java process reading file, Stephen Smalley
        
        Re: Confining a Java process reading file, Stephen Smalley
        
        Re: Confining a Java process reading file, Rahmadi Trimananda
        
        Re: Confining a Java process reading file, Rahmadi Trimananda
        
        Re: Confining a Java process reading file, Rahmadi Trimananda
        
        Re: Confining a Java process reading file, Stephen Smalley
        
        Re: Confining a Java process reading file, Rahmadi Trimananda
Running Java and JVM on SELinux, Rahmadi Trimananda
- Re: Running Java and JVM on SELinux, William Roberts
  - Re: Running Java and JVM on SELinux, Rahmadi Trimananda
    - Re: Running Java and JVM on SELinux, William Roberts
      - Re: Running Java and JVM on SELinux, Rahmadi Trimananda
        
        Re: Running Java and JVM on SELinux, Rahmadi Trimananda
        
        Re: Running Java and JVM on SELinux, Russell Coker
        
        Re: Running Java and JVM on SELinux, Rahmadi Trimananda
        
        Re: Running Java and JVM on SELinux, William Roberts
        
        Re: Running Java and JVM on SELinux, Russell Coker
        
        Re: Running Java and JVM on SELinux, Rahmadi Trimananda
        
        Re: Running Java and JVM on SELinux, Rahmadi Trimananda
        
        Re: Running Java and JVM on SELinux, Russell Coker
        
        Re: Running Java and JVM on SELinux, William Roberts
        
        Re: Running Java and JVM on SELinux, William Roberts
    - Re: Running Java and JVM on SELinux, Stephen Smalley
      - Re: Running Java and JVM on SELinux, Rahmadi Trimananda
ssh/cron access checks and my Play Machine, Russell Coker
- Re: ssh/cron access checks and my Play Machine, Dominick Grift
  - Re: ssh/cron access checks and my Play Machine, Russell Coker
- Re: ssh/cron access checks and my Play Machine, Stephen Smalley
[PATCH] selinux: Fix an uninitialized variable bug, Dan Carpenter
- Re: [PATCH] selinux: Fix an uninitialized variable bug, Stephen Smalley
  - Re: [PATCH] selinux: Fix an uninitialized variable bug, Paul Moore
    - Re: selinux: Fix an uninitialized variable bug in range_read(), SF Markus Elfring
      - Re: selinux: Fix an uninitialized variable bug in range_read(), Paul Moore
    - Re: [PATCH] selinux: Fix an uninitialized variable bug, James Morris
      - Re: [PATCH] selinux: Fix an uninitialized variable bug, Paul Moore
        
        Re: [PATCH] selinux: Fix an uninitialized variable bug, James Morris
userspace object manager confused, Dominick Grift
- Re: userspace object manager confused, Stephen Smalley
  - Re: userspace object manager confused, Stephen Smalley
    - Re: userspace object manager confused, Dominick Grift
      - Re: userspace object manager confused, Stephen Smalley
        
        Re: userspace object manager confused, Dominick Grift
        
        Re: userspace object manager confused, Stephen Smalley
        
        Re: userspace object manager confused, James Carter
        
        Re: userspace object manager confused, Dominick Grift
        
        Re: userspace object manager confused, James Carter
        
        Re: userspace object manager confused, Dominick Grift
        
        Re: userspace object manager confused, James Carter
        
        Re: userspace object manager confused, Dominick Grift
        
        Re: userspace object manager confused, Dominick Grift
label for /proc directory (before mounting), Colin Walters
- Re: label for /proc directory (before mounting), Russell Coker
- Re: label for /proc directory (before mounting), Stephen Smalley
  - Re: label for /proc directory (before mounting), Dominick Grift
  - Re: label for /proc directory (before mounting), Colin Walters
[PATCH v2] libsepol: In module_to_cil create one attribute for each unique set, James Carter
- Re: [PATCH v2] libsepol: In module_to_cil create one attribute for each unique set, Nick Kralevich
  - Re: [PATCH v2] libsepol: In module_to_cil create one attribute for each unique set, James Carter
- Re: [PATCH v2] libsepol: In module_to_cil create one attribute for each unique set, James Carter
[PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, Tomeu Vizoso
- Re: [PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, J. Bruce Fields
  - Re: [PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, Tomeu Vizoso
    - Re: [PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, Stephen Smalley
      - Re: [PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, J. Bruce Fields
        
        Re: [PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, Stephen Smalley
        
        Re: [PATCH] selinux: Fix SBLABEL_MNT for NFS mounts, J. Bruce Fields
        
        [PATCH RFC 0/2] Fix setting of security labels over NFSv4.2, Scott Mayhew
        
        [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, Scott Mayhew
        
        Re: [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, Stephen Smalley
        
        Re: [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, Scott Mayhew
        
        Re: [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, Stephen Smalley
        
        [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        Re: [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        Re: [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Stephen Smalley
        
        Re: [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Stephen Smalley
        
        Re: [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        Re: [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Stephen Smalley
        
        Re: [PATCH] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        [PATCH v2] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        Re: [PATCH v2] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Stephen Smalley
        
        Re: [PATCH v2] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        [PATCH v3] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        Re: [PATCH v3] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Scott Mayhew
        
        Re: [PATCH v3] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Stephen Smalley
        
        Re: [PATCH v3] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Paul Moore
        
        Re: [PATCH v3] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, J . Bruce Fields
        
        Re: [PATCH v3] security/selinux: allow security_sb_clone_mnt_opts to enable/disable native labeling behavior, Paul Moore
        
        Re: [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, Stephen Smalley
        
        Re: [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, J . Bruce Fields
        
        Re: [PATCH RFC 2/2] nfs: update labeling behavior on a superblock when submounting, Stephen Smalley
        
        [PATCH RFC 1/2] selinux: allow SECURITY_LSM_NATIVE_LABELS to be set on an already initialized superblock, Scott Mayhew
        
        Re: [PATCH RFC 0/2] Fix setting of security labels over NFSv4.2, Stephen Smalley
        
        Re: [PATCH RFC 0/2] Fix setting of security labels over NFSv4.2, J . Bruce Fields
        
        Re: [PATCH RFC 0/2] Fix setting of security labels over NFSv4.2, J . Bruce Fields
        
        Re: [PATCH RFC 0/2] Fix setting of security labels over NFSv4.2, Scott Mayhew
[PATCH 1/7] libsepol: do not dereference a NULL pointer when stack_init() fails, Nicolas Iooss
- [PATCH 2/7] libsepol: make process_boolean() fail on invalid lines, Nicolas Iooss
- [PATCH 3/7] libsepol: constify sepol_genbools()'s boolpath parameter, Nicolas Iooss
- [PATCH 4/7] libsepol: fix use-after-free in sepol_user_clone(), Nicolas Iooss
- [PATCH 5/7] libsemanage: do not close uninitialized file descriptors, Nicolas Iooss
- [PATCH 6/7] libsemanage: do not dereference a NULL pointer when calloc() fails, Nicolas Iooss
- [PATCH 7/7] libsemanage: genhomedircon: fix possible double-free, Nicolas Iooss
- Re: [PATCH 1/7] libsepol: do not dereference a NULL pointer when stack_init() fails, James Carter
[PATCH] libsepol: In module_to_cil create one attribute for each unique set, James Carter
- Re: [PATCH] libsepol: In module_to_cil create one attribute for each unique set, Nicolas Iooss
  - Re: [PATCH] libsepol: In module_to_cil create one attribute for each unique set, James Carter
[PATCH] selinux: Use task_alloc hook rather than task_create hook, Tetsuo Handa
- Re: [PATCH] selinux: Use task_alloc hook rather than task_create hook, Stephen Smalley
  - Re: [PATCH] selinux: Use task_alloc hook rather than task_create hook, Tetsuo Handa
    - Re: [PATCH] selinux: Use task_alloc hook rather than task_create hook, Paul Moore
      - Re: [PATCH] selinux: Use task_alloc hook rather than task_create hook, Tetsuo Handa
        
        Re: [PATCH] selinux: Use task_alloc hook rather than task_create hook, Paul Moore
        
        Re: [PATCH] selinux: Use task_alloc hook rather than task_create hook, Paul Moore
FOSSASIA 2017 SELinux intro talk, Jason Zaman
[PATCH 1/3] policycoreutils/setfiles: stdout messages don't need program prefix, Alan Jenkins
- [PATCH 3/3] policycoreutils: fixfiles: remove useless use of cat, Alan Jenkins
- [PATCH 2/3] policycoreutils/setfiles: don't scramble stdout and stderr together, Alan Jenkins
- Re: [PATCH 1/3] policycoreutils/setfiles: stdout messages don't need program prefix, James Carter
[PATCH 1/2] policycoreutils: fixfiles should handle path arguments more robustly, Alan Jenkins
- [PATCH 2/2] policycoreutils: fixfiles: handle unexpected spaces in command, Alan Jenkins
- Re: [PATCH 1/2] policycoreutils: fixfiles should handle path arguments more robustly, James Carter
[PATCH 1/1] libsepol/cil: do not dereference a NULL pointer when calloc() fails, Nicolas Iooss
- Re: [PATCH 1/1] libsepol/cil: do not dereference a NULL pointer when calloc() fails, James Carter
[PATCH] mcstrans: fix typo in mcstransd.8 man page, Nikola Forró
- Re: [PATCH] mcstrans: fix typo in mcstransd.8 man page, James Carter
[PATCH] selinux: fix double free in selinux_parse_opts_str(), Tetsuo Handa
- Re: [PATCH] selinux: fix double free in selinux_parse_opts_str(), Paul Moore
  - Re: [PATCH] selinux: fix double free in selinux_parse_opts_str(), Tetsuo Handa
    - Re: [PATCH] selinux: fix double free in selinux_parse_opts_str(), Casey Schaufler
    - Re: [PATCH] selinux: fix double free in selinux_parse_opts_str(), Paul Moore
      - Re: [PATCH] selinux: fix double free in selinux_parse_opts_str(), Tetsuo Handa
[ANNOUNCE] Linux Security Summit 2017 - CFP, James Morris
[PATCH 0/3 v3] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, James Carter
- [PATCH 3/3 v3] checkpolicy: Add options to convert binary policy to CIL or a policy.conf, James Carter
- [PATCH 2/3 v3] libsepol: Add ability to convert binary policy to policy.conf file, James Carter
- [PATCH 1/3 v3] libsepol: Add ability to convert binary policy to CIL, James Carter
- Re: [PATCH 0/3 v3] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, James Carter
security, hugetlbfs: write to user memory in hugetlbfs_destroy_inode, Dmitry Vyukov
- Re: security, hugetlbfs: write to user memory in hugetlbfs_destroy_inode, Dmitry Vyukov
  - Re: security, hugetlbfs: write to user memory in hugetlbfs_destroy_inode, Tetsuo Handa
    - Re: security, hugetlbfs: write to user memory in hugetlbfs_destroy_inode, Mike Kravetz
security: double-free in superblock_doinit, Dmitry Vyukov
- Re: security: double-free in superblock_doinit, Tetsuo Handa
[PATCH] libsepol/cil: Add hexadecimal support for Xen ioportcon statements, James Carter
- Re: [PATCH] libsepol/cil: Add hexadecimal support for Xen ioportcon statements, James Carter
net_admin audit for setsockopt SO_SNDBUFFORCE, cgzones
- Re: net_admin audit for setsockopt SO_SNDBUFFORCE, Stephen Smalley
  - Re: net_admin audit for setsockopt SO_SNDBUFFORCE, Russell Coker
    - Re: net_admin audit for setsockopt SO_SNDBUFFORCE, Stephen Smalley
      - Re: net_admin audit for setsockopt SO_SNDBUFFORCE, Russell Coker
[PATCH 0/3 v2] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, James Carter
- [PATCH 3/3 v2] checkpolicy: Add options to convert binary policy to CIL or a policy.conf, James Carter
- [PATCH 1/3 v2] libsepol: Add ability to convert binary policy to CIL, James Carter
- [PATCH 2/3 v2] libsepol: Add ability to convert binary policy to policy.conf file, James Carter
- Re: [PATCH 0/3 v2] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, Nicolas Iooss
  - Re: [PATCH 0/3 v2] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, James Carter
[PATCH 0/3] libsepol: Allow hexadecimal numbers in Xen context rules, James Carter
- [PATCH 1/3] libsepol/cil: Allow hexadecimal numbers in Xen context rules, James Carter
- [PATCH 2/3] libsepol: Update module_to_cil to output hexadecimal for Xen rules, James Carter
- [PATCH 3/3] libsepol/cil: Use hexadecimal numbers when writing Xen rules, James Carter
- Re: [PATCH 0/3] libsepol: Allow hexadecimal numbers in Xen context rules, James Carter
[PATCH] checkpolicy: Fix minor memory leak in checkpolicy, James Carter
- Re: [PATCH] checkpolicy: Fix minor memory leak in checkpolicy, James Carter
[PATCH 1/1] checkpolicy: dereference rangehead after checking it was not NULL, Nicolas Iooss
- Re: [PATCH 1/1] checkpolicy: dereference rangehead after checking it was not NULL, James Carter
[PATCH 1/1] libsepol/cil: avoid freeing uninitialized values, Nicolas Iooss
- Re: [PATCH 1/1] libsepol/cil: avoid freeing uninitialized values, James Carter
[PATCH 1/1] libsepol/cil: make reporting conflicting type transitions work, Nicolas Iooss
- Re: [PATCH 1/1] libsepol/cil: make reporting conflicting type transitions work, James Carter
[PATCH] selinux: Remove unnecessary check of array base in selinux_set_mapping(), Matthias Kaehlcke
- Re: [PATCH] selinux: Remove unnecessary check of array base in selinux_set_mapping(), Grant Grundler
  - Re: [PATCH] selinux: Remove unnecessary check of array base in selinux_set_mapping(), Paul Moore
    - Re: [PATCH] selinux: Remove unnecessary check of array base in selinux_set_mapping(), Grant Grundler
      - Re: [PATCH] selinux: Remove unnecessary check of array base in selinux_set_mapping(), Paul Moore
- Re: [PATCH] selinux: Remove unnecessary check of array base in selinux_set_mapping(), Grant Grundler
newrole as su'ed root, cgzones
- Re: newrole as su'ed root, Stephen Smalley
  - Re: newrole as su'ed root, cgzones
portcon in policy modules, Ian Pilcher
- Re: portcon in policy modules, Dominick Grift
  - Re: portcon in policy modules, Stephen Smalley
[PATCH] python/semanage: fix export of fcontext socket entries, Stephen Smalley
tomcat_t domain behavior, 面和毅
- Re: tomcat_t domain behavior, Gary Tierney
  - Re: tomcat_t domain behavior, Lukas Vrabec
    - Re: tomcat_t domain behavior, 面和毅
      - Re: tomcat_t domain behavior, 面和毅
        
        Re: tomcat_t domain behavior, 面和毅
Re: Bug#857660: SELinux: cannot sent policyload notice, cgzones
- Re: Bug#857660: SELinux: cannot sent policyload notice, Stephen Smalley
- Re: Bug#857660: SELinux: cannot sent policyload notice, Stephen Smalley
  - Re: Bug#857660: SELinux: cannot sent policyload notice, Simon McVittie
[PATCH 0/3] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, James Carter
- [PATCH 3/3] checkpolicy: Add options to convert binary policy to CIL or a policy.conf, James Carter
  - Re: [PATCH 3/3] checkpolicy: Add options to convert binary policy to CIL or a policy.conf, Stephen Smalley
    - Re: [PATCH 3/3] checkpolicy: Add options to convert binary policy to CIL or a policy.conf, James Carter
- [PATCH 2/3] libsepol: Add ability to convert binary policy to policy.conf file, James Carter
- [PATCH 1/3] libsepol: Add ability to convert binary policy to CIL, James Carter
  - Re: [PATCH 1/3] libsepol: Add ability to convert binary policy to CIL, Nicolas Iooss
- Re: [PATCH 0/3] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, Nicolas Iooss
  - Re: [PATCH 0/3] libsepol and checkpolicy: Output CIL or policy.conf from kernel policy, James Carter
[PATCH] Python 3.6 invalid escape sequence deprecation fixes, Ville Skyttä
- Re: [PATCH] Python 3.6 invalid escape sequence deprecation fixes, Petr Lautrbach
  - Re: [PATCH] Python 3.6 invalid escape sequence deprecation fixes, Stephen Smalley
Custom Process Label (SElinux), Kashif ali
- Re: Custom Process Label (SElinux), Thomas
- Re: Custom Process Label (SElinux), Russell Coker
  - Re: Custom Process Label (SElinux), Kashif ali
    - Re: Custom Process Label (SElinux), Kashif ali
      - Re: Custom Process Label (SElinux), cgzones
[PATCH v2] selinux: check for address length in selinux_socket_bind(), Alexander Potapenko
- Re: [PATCH v2] selinux: check for address length in selinux_socket_bind(), Eric Dumazet
- Re: [PATCH v2] selinux: check for address length in selinux_socket_bind(), David Miller
  - Re: [PATCH v2] selinux: check for address length in selinux_socket_bind(), Paul Moore
    - Re: [PATCH v2] selinux: check for address length in selinux_socket_bind(), Paul Moore
Fwd: Kernel repository updated to v4.11-rc1, Paul Moore
[PATCH 1/6] restorecond: add noreturn attribute to exitApp(), Nicolas Iooss
- [PATCH 2/6] checkpolicy: add noreturn attribute to usage(), Nicolas Iooss
- [PATCH 3/6] secilc: add noreturn attribute to usage(), Nicolas Iooss
- [PATCH 4/6] mcstrans: add noreturn attribute to usage(), Nicolas Iooss
- [PATCH 5/6] semodule-utils: add noreturn attribute to usage(), Nicolas Iooss
- [PATCH 6/6] policycoreutils: add noreturn attribute to usage(), Nicolas Iooss
- Re: [PATCH 1/6] restorecond: add noreturn attribute to exitApp(), James Carter
[PATCH 1/1] selinux: include sys/socket.h in host programs to have PF_MAX, Nicolas Iooss
- Re: [PATCH 1/1] selinux: include sys/socket.h in host programs to have PF_MAX, Paul Moore
[PATCH] selinux: check for address length in selinux_socket_bind(), Alexander Potapenko
- Re: [PATCH] selinux: check for address length in selinux_socket_bind(), Alexander Potapenko
- Re: [PATCH] selinux: check for address length in selinux_socket_bind(), Eric Dumazet
[PATCH] python/sepolicy: fix obtaining domain name in HTMLManPages, Vit Mojzis
- Re: [PATCH] python/sepolicy: fix obtaining domain name in HTMLManPages, Stephen Smalley
[PATCH] selinux-testsuite: capable_file: Add dac_override and dac_read_search tests, Stephen Smalley
seapply - alternative to semanage for configuration management, Doug Brown
- Re: seapply - alternative to semanage for configuration management, Stephen Smalley
Securing a service written in Python, Ian Pilcher
- Re: Securing a service written in Python, Russell Coker
SELinux type transition rule not working, Ian Pilcher
- Re: SELinux type transition rule not working, cgzones
  - Re: SELinux type transition rule not working, Ian Pilcher
    - Re: SELinux type transition rule not working, Ian Pilcher
      - Re: SELinux type transition rule not working, Jason Zaman
        
        Re: SELinux type transition rule not working, Ian Pilcher
        
        Re: SELinux type transition rule not working, Stephen Smalley
- Re: SELinux type transition rule not working, Russell Coker
- Re: [systemd-devel] SELinux type transition rule not working, Lennart Poettering
  - Re: [systemd-devel] SELinux type transition rule not working, Simon Sekidde
    - Re: [systemd-devel] SELinux type transition rule not working, Ian Pilcher
      - Re: [systemd-devel] SELinux type transition rule not working, Simon Sekidde
        
        Re: [systemd-devel] SELinux type transition rule not working, Simon Sekidde
        
        Re: [systemd-devel] SELinux type transition rule not working, Ian Pilcher
        
        Re: [systemd-devel] SELinux type transition rule not working, Simon Sekidde
        
        Re: [systemd-devel] SELinux type transition rule not working, Ian Pilcher
[GIT PULL] SELinux fixes for 4.11 (#1), Paul Moore
[PATCH] libsepol: Define cgroup_seclabel policy capability, Stephen Smalley
[PATCH] selinux: wrap cgroup seclabel support with its own policy capability, Stephen Smalley
- Re: [PATCH] selinux: wrap cgroup seclabel support with its own policy capability, Paul Moore
selinux transition rules, RM-IT R.Mielnik
- Message not available
  - Message not available
    - Message not available
      - Message not available
        
        Re: selinux transition rules, RM-IT R.Mielnik
[PATCH] selinux: fix kernel BUG on prlimit(..., NULL, NULL), Stephen Smalley
- Re: [PATCH] selinux: fix kernel BUG on prlimit(..., NULL, NULL), Paul Moore
  - Re: [PATCH] selinux: fix kernel BUG on prlimit(..., NULL, NULL), James Morris
- Re: [PATCH] selinux: fix kernel BUG on prlimit(..., NULL, NULL), James Morris
[PATCH 1/6] semodule_package: do not leak memory when using -u or -s, Nicolas Iooss
- [PATCH 2/6] libsepol/cil: do not dereference args before checking it was not null, Nicolas Iooss
- [PATCH 3/6] libsemanage: never call memcpy with a NULL value, Nicolas Iooss
  - Re: [PATCH 3/6] libsemanage: never call memcpy with a NULL value, William Roberts
    - Re: [PATCH 3/6] libsemanage: never call memcpy with a NULL value, William Roberts
- [PATCH 4/6] libsemanage/tests: include libsepol headers from $DESTDIR, Nicolas Iooss
- [PATCH 5/6] mcstrans: do not dereference color_str if it is NULL, Nicolas Iooss
- [PATCH 6/6] libselinux: initialize temp value in SWIG wrapper to prevent freeing garbage, Nicolas Iooss
- Re: [PATCH 1/6] semodule_package: do not leak memory when using -u or -s, James Carter
strange audit2allow error, Russell Coker
Support for multiple types in typeattribute, Alex Klyubin
- Re: Support for multiple types in typeattribute, Dominick Grift
  - Re: Support for multiple types in typeattribute, James Carter
[RFC v2 PATCH 2/2] kernel: Add SELinux SCTP protocol support, Richard Haines
- Re: [RFC v2 PATCH 2/2] kernel: Add SELinux SCTP protocol support, Stephen Smalley
  - Re: [RFC v2 PATCH 2/2] kernel: Add SELinux SCTP protocol support, Marcelo Ricardo Leitner
    - Re: [RFC v2 PATCH 2/2] kernel: Add SELinux SCTP protocol support, Richard Haines
  - Re: [RFC v2 PATCH 2/2] kernel: Add SELinux SCTP protocol support, Richard Haines
[RFC v2 PATCH 1/2] kernel: Add LSM hooks for SCTP support, Richard Haines
[RFC v2 PATCH 0/2] kernel: Add SELinux SCTP protocol support, Richard Haines
[PATCH] libselinux: allow link with -lfts, Natanael Copa
- Re: [PATCH] libselinux: allow link with -lfts, William Roberts
[PATCH] sepolgen: strip non-printable characters when parsing audit messages, Vit Mojzis
- Re: [PATCH] sepolgen: strip non-printable characters when parsing audit messages, James Carter
[RFC 4/7] selinux: mark __ro_mostly_after_init for selinux_hooks/selinux_nf_ops, Hoeun Ryu
- Re: [RFC 4/7] selinux: mark __ro_mostly_after_init for selinux_hooks/selinux_nf_ops, Tetsuo Handa
[PATCH 1/1] libselinux, libsemanage: make PYPREFIX computation more robust, Nicolas Iooss
- Re: [PATCH 1/1] libselinux, libsemanage: make PYPREFIX computation more robust, James Carter
[PATCH 1/5] libsepol/cil: use __cil_ordered_lists_destroy() to free unordered_classorder_lists, Nicolas Iooss
- [PATCH 4/5] libsepol/cil: do not leak left-hand side of an invalid constraint, Nicolas Iooss
- [PATCH 3/5] libsepol/cil: free the first operand if the second one is invalid, Nicolas Iooss
- [PATCH 5/5] libsepol/cil: free bitmaps in cil_level_equals(), Nicolas Iooss
- [PATCH 2/5] libsepol/cil: destroy bitmap when __cil_permx_str_to_int() fails, Nicolas Iooss
  - Re: [PATCH 2/5] libsepol/cil: destroy bitmap when __cil_permx_str_to_int() fails, James Carter
[PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, Stephen Smalley
- <Possible follow-ups>
- [PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, Stephen Smalley
  - Re: [PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, Paul Moore
    - Re: [PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, John Johansen
    - Re: [PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, Paul Moore
  - Re: [PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, Serge E. Hallyn
  - Re: [PATCH] fs: switch order of CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH checks, James Morris
[PATCH] timerfd: only check CAP_WAKE_ALARM when it is needed, Stephen Smalley
[PATCH v2] prlimit,security,selinux: add a security hook for prlimit, Stephen Smalley
[PATCH 0/2] selinux-testsuite: fixes for RHEL7.3, Stephen Smalley
- [PATCH 2/2] selinux-testsuite: fix nnp test for RHEL7, Stephen Smalley
- [PATCH 1/2] selinux-testsuite: exclude netlink_socket tests from RHEL7, Stephen Smalley
[PATCH] prlimit,security,selinux: add a security hook for prlimit, Stephen Smalley
- Re: [PATCH] prlimit,security,selinux: add a security hook for prlimit, James Morris
  - Re: [PATCH] prlimit, security, selinux: add a security hook for prlimit, Paul Moore
    - Re: [PATCH] prlimit,security,selinux: add a security hook for prlimit, James Morris
[RFC v2 PATCH 2/2] security: mark LSM hooks as __ro_after_init, James Morris
- Re: [RFC v2 PATCH 2/2] security: mark LSM hooks as __ro_after_init, Stephen Smalley
- Re: [RFC v2 PATCH 2/2] security: mark LSM hooks as __ro_after_init, Casey Schaufler
- <Possible follow-ups>
- [RFC v2 PATCH 2/2] security: mark LSM hooks as __ro_after_init, James Morris
[RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, James Morris
- Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Tetsuo Handa
  - Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, James Morris
    - Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Tetsuo Handa
      - Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Casey Schaufler
        
        Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Tetsuo Handa
        
        Re: [kernel-hardening] Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Casey Schaufler
        
        Re: [kernel-hardening] Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Daniel Micay
        
        Re: [kernel-hardening] Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Tetsuo Handa
        
        Re: [kernel-hardening] Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Casey Schaufler
- Re: [RFC v2 PATCH 1/2] security: introduce CONFIG_SECURITY_WRITABLE_HOOKS, Stephen Smalley
[RFC v2 PATCH 0/2] security: mark LSM hooks with __ro_after_init, James Morris
- Re: [kernel-hardening] [RFC v2 PATCH 0/2] security: mark LSM hooks with __ro_after_init, Kees Cook
[PATCH] libsemanage: Perform access check using euid instead of uid, Vit Mojzis
- Re: [PATCH] libsemanage: Perform access check using euid instead of uid, Stephen Smalley
  - Re: [PATCH] libsemanage: Perform access check using euid instead of uid, Stephen Smalley
    - Re: [PATCH] libsemanage: Perform access check using euid instead of uid, Stephen Smalley
      - Re: [PATCH] libsemanage: Perform access check using euid instead of uid, Stephen Smalley
  - Re: [PATCH] libsemanage: Perform access check using euid instead of uid, Petr Lautrbach
    - Re: [PATCH] libsemanage: Perform access check using euid instead of uid, Stephen Smalley
      - libsemanage: remove/replace access() checks to make setuid programs work, Vit Mojzis
        
        [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Vit Mojzis
        
        Re: [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Vit Mojzis
        
        Re: [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Stephen Smalley
        
        [PATCH 1/3] libsemanage: remove access() check to make setuid programs work, Vit Mojzis
        
        [PATCH 2/3] libsemanage: remove access() check to make setuid programs work, Vit Mojzis
        
        Re: [PATCH 2/3] libsemanage: remove access() check to make setuid programs work, Stephen Smalley
        
        [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Vit Mojzis
        
        Re: [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Stephen Smalley
        
        [PATCH 1/3] libsemanage: remove access() check to make setuid programs work, Vit Mojzis
        
        [PATCH 2/3] libsemanage: remove access() check to make setuid programs work, Vit Mojzis
        
        Re: [PATCH 2/3] libsemanage: remove access() check to make setuid programs work, William Roberts
        
        Re: [PATCH 2/3] libsemanage: remove access() check to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 2/3] libsemanage: remove access() check to make setuid programs work, William Roberts
        
        [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Vit Mojzis
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, William Roberts
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, William Roberts
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, William Roberts
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, William Roberts
        
        Re: Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Stephen Smalley
        
        Re: Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, William Roberts
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 3/3] libsemanage: replace access() checks to make setuid programs work, Stephen Smalley
        
        Re: [PATCH 1/3] libsemanage: remove access() check to make setuid programs work, William Roberts
        
        Re: [PATCH 3/3] libsemanage: replace access(, F_OK) checks to make setuid programs work, Stephen Smalley

[Index of Archives] [Selinux Refpolicy] [Fedora Users] [Fedora Desktop] [Kernel] [KDE Users] [Gnome Users]