Security Enhanced Linux (SELINUX)
[Prev Page][Next Page]
- Re: [PATCH v2 0/3] Add support for extracting modules, (continued)
- [PATCH] libselinux: test for file_contexts.bin format, Stephen Smalley
- [PATCH] libselinux: add selabel_cmp interface and label_file backend, Stephen Smalley
- [PATCH] sepolgen: convert cmp functions to key functions,
Robert Kuska
- [PATCH] sepolgen: Decode output from Popen in Python3,
Robert Kuska
- How do you relabel all SELinux file contexts of an offline system's file system?,
Bond Masuda
- [PATCH] libselinux: support specifying file_contexts.bin file path, Stephen Smalley
- [PATCH] libselinux: support file_contexts.bin without file_contexts, Stephen Smalley
- m4 synclines always 1?,
Roberts, William C
- [PATCH] checkpolicy: fix double free on name-based type transitions, Stephen Smalley
- Re: [PATCH 1/7] fs: Add user namesapace member to struct super_block,
Amir Goldstein
- Does it matter where .cil modules are build.,
Dan
- [PATCH] policycoreutils: Comment constraint rules in audit2allow and sepolgen output,
Petr Lautrbach
- [PATCH] semanage_migrate_store: add -r <root> option for migrating inside chroots,
Petr Lautrbach
- Android checkpolicy crash,
Roberts, William C
- Improve Python 3 support in policycoreutils/semanage/seobject.py,
Michal Srb
- [PATCH v2] libsepol: Replace sscanf in module_to_cil,
Yuli Khodorkovskiy
- [PATCH 0/3] Add support for extracting modules,
Yuli Khodorkovskiy
- [PATCH 0/2] Generalize tokenizer and remove sscanf calls from libsepol,
Yuli Khodorkovskiy
- [PATCH v2] ipc: Use private shmem or hugetlbfs inodes for shm segments.,
Stephen Smalley
- [PATCH v3 00/11] Smack namespace,
Lukasz Pawelczyk
- [PATCH v3 04/11] lsm: inode_pre_setxattr hook, Lukasz Pawelczyk
- [PATCH v3 06/11] smack: don't use implicit star to display smackfs/syslog, Lukasz Pawelczyk
- [PATCH v3 05/11] smack: extend capability functions and fix 2 checks, Lukasz Pawelczyk
- [PATCH v3 08/11] smack: misc cleanups in preparation for a namespace patch, Lukasz Pawelczyk
- [PATCH v3 09/11] smack: namespace groundwork, Lukasz Pawelczyk
- [PATCH v3 07/11] smack: abstraction layer for 2 common Smack operations, Lukasz Pawelczyk
- [PATCH v3 02/11] lsm: /proc/$PID/attr/label_map file and getprocattr_seq hook, Lukasz Pawelczyk
- [PATCH v3 11/11] smack: documentation for the Smack namespace, Lukasz Pawelczyk
- [PATCH v3 10/11] smack: namespace implementation, Lukasz Pawelczyk
- [PATCH v3 01/11] user_ns: 3 new LSM hooks for user namespace operations, Lukasz Pawelczyk
- [PATCH v3 03/11] lsm: add file opener's cred to a setprocattr arguments, Lukasz Pawelczyk
- [RFC][PATCH] ipc: Use private shmem or hugetlbfs inodes for shm segments.,
Stephen Smalley
- Trouble building a .cil policy from scratch.,
Dan
- [PATCH] libsepol/cil: Improve resolution error messages, Steve Lawrence
- [PATCH] policycoreutils: semanage: fix moduleRecords deleteall method, Stephen Smalley
- [PATCH] libsemanage: Add file_contexts and seusers to the store,
Yuli Khodorkovskiy
- Improve Python 3 support in policycoreutils,
Michal Srb
- [PATCH] libselinux: simplify procattr cache,
Stephen Smalley
- [GIT PULL] policycoreutils: fix PEP8 issues,
Jason Zaman
- Restricting samba to only talk to one network interface?,
Colin Powers
- [PATCH] libsepol: fix policydb_read for policy versions < 24, Stephen Smalley
- Trouble building secilc compiler,
Dan
- [PATCH 0/7] Initial support for user namespace owned mounts,
Seth Forshee
- Re: [PATCH 0/7] Initial support for user namespace owned mounts, Casey Schaufler
- Re: [PATCH 0/7] Initial support for user namespace owned mounts, Eric W. Biederman
- [PATCH 1/7] fs: Add user namesapace member to struct super_block, Seth Forshee
- [PATCH 3/7] fs: Ignore file caps in mounts from other user namespaces, Seth Forshee
- [PATCH 2/7] userns: Simpilify MNT_NODEV handling., Seth Forshee
- [PATCH 5/7] security: Restrict security attribute updates for userns mounts, Seth Forshee
- [PATCH 4/7] fs: Treat foreign mounts as nosuid, Seth Forshee
- [PATCH 6/7] selinux: Ignore security labels on user namespace mounts, Seth Forshee
- [PATCH 7/7] smack: Don't use security labels for user namespace mounts, Seth Forshee
- <Possible follow-ups>
- Re: [PATCH 0/7] Initial support for user namespace owned mounts, Amir Goldstein
- Re: [PATCH 0/7] Initial support for user namespace owned mounts, Amir Goldstein
- [no subject],
Robert Kuska
- [PATCH 01/11] sepolgen: Replace deprecated *Equals functions in tests, Robert Kuska
- [PATCH 03/11] sepolgen: Replace func_code calls with __code__., Robert Kuska
- [PATCH 02/11] sepolgen: Use relative imports for modules within sepolgen., Robert Kuska
- [PATCH 04/11] sepolgen: Use sort function with key parameter., Robert Kuska
- [PATCH 05/11] sepolgen: Unicode-objects must be encoded before hashing., Robert Kuska
- [PATCH 06/11] sepolgen: Replace usage of __cmp__ with rich comparison., Robert Kuska
- [PATCH 07/11] sepolgen: Replace usage of attributes of types module, Robert Kuska
- [PATCH 08/11] sepolgen: Replace usage of xrange inside of tests., Robert Kuska
- [PATCH 10/11] sepolgen: Close files after reading/writing in tests., Robert Kuska
- [PATCH 09/11] sepolgen: Apply fixes discovered by 2to3 where needed., Robert Kuska
- [PATCH 11/11] sepolgen: Edit tests so they pass even on Python3 where hash is random., Robert Kuska
- Re: Python3 Support for Sepolgen module, Robert Kuska
- [PATCH v2] Currently, jobs run by at are run in the crond_t domain and not transitioned outside of it., Laurent Bigonville
- [PATCH] Set self.sename to sename after calling semanage_seuser_set_sename(),
Laurent Bigonville
- [PATCH] selinux-testsuite: ipsec-load: Derive state context from current context., Stephen Smalley
- [PATCH] selinux-testsuite: enable running new tests on RHEL6/7, Stephen Smalley
- [PATCH] selinux-testsuite: Clean up prerequisites/dependencies., Stephen Smalley
- [PATCH] selinux-testsuite: move unix_socket and mmmap tests out of SUBDIRS_COMMON, Stephen Smalley
- [PATCH] sepolgen: add support for python3,
Robert Kuska
- [PATCH v2] libselinux: use /proc/thread-self when available,
Stephen Smalley
- [PATCH] libselinux: use /proc/thread-self when available, Stephen Smalley
- [PATCH] selinux-testsuite: update for mprotect PROT_EXEC regression fix, Stephen Smalley
- [GIT PULL] SELinux fixes for 4.2 (#2), Paul Moore
- [PATCH] libselinux: Add const to selinux_opt for label backends.,
Richard Haines
- [PATCH] selinux: fix mprotect PROT_EXEC regression caused by mm change,
Stephen Smalley
- [GIT PULL] SELinux fixes for 4.2, Paul Moore
- executing off of a fusefs,
Roberts, William C
- [PATCH] Add SELinux support to run jobs in the proper domain,
Laurent Bigonville
- [PATCH] Fix typo in semanage args for minimum policy store,
Petr Lautrbach
- Re: Linux 4.2-rc1,
Casey Schaufler
- [PATCH] selinux-testsuite: unix_socket: Add tests for file namespace., Stephen Smalley
- Re: mm: shmem_zero_setup skip security check and lockdep conflict with XFS,
Stephen Smalley
- [PATCH] Explicitly declare the role "base_r",
Laurent Bigonville
- [PATCH] selinux-testsuite: Add tests for mmap/mprotect, Stephen Smalley
- [PATCH] libselinux: Fix binary file labels for regexes with metachars,
Richard Haines
- [PATCH v2] libsemanage: Add policy binary and file_contexts.local to the store,
Yuli Khodorkovskiy
- [PATCH v2] libselinux: Fix file labels for regexes with metachars,
Jeff Vander Stoep
- [PATCH] libsemanage: Add policy binary and file_contexts.local to the store,
Yuli Khodorkovskiy
- [PATCH] libselinux: Fix file labels for regexes with metachars,
Jeff Vander Stoep
- [PATCH] selinux: don't waste ebitmap space when importing NetLabel categories, Paul Moore
- type inheritance in CIL,
Miroslav Grepl
- [PATCH V2] libselinux: Fix if file_contexts not '\n' terminated,
Richard Haines
- [PATCH] selinux-testsuite: Add a ToDo list., Stephen Smalley
- [PATCH] selinux-testsuite: add secmark tests, Stephen Smalley
- [PATCH] libselinux: Fix if file_contexts not '\n' terminated,
Richard Haines
- [PATCH] selinux-testsuite: add labeled ipsec tests, Stephen Smalley
- [PATCH] Allow to use compressed modules without a compression extension,
Petr Lautrbach
- [PATCH v3] selinux-testsuite: fix unix/inet socket tests, Stephen Smalley
- [PATCH] selinux-testsuite: Add tests for name_bind/node_bind/name_connect.,
Stephen Smalley
- [PATCH v2] selinux-testsuite: fix unix/inet socket tests, Stephen Smalley
- [PATCH] selinux-testsuite: fix unix/inet socket tests,
Stephen Smalley
- [PATCH] libselinux: Correctly handle an empty file_contexts file.,
Stephen Smalley
- NFS,
Andrew Holway
- [PATCH 00/10 v3] Improve libsepol and CIL neverallow and bounds checking,
James Carter
- [PATCH 01/10 v3] libsepol: Add new ebitmap function named ebitmap_match_any(), James Carter
- [PATCH 02/10 v3] libsepol: Treat types like an attribute in the attr_type_map., James Carter
- [PATCH 03/10 v3] libsepol: Refactored neverallow checking., James Carter
- [PATCH 07/10 v3] libsepol/cil: Track number of classes and number of types and attributes., James Carter
- [PATCH 05/10 v3] libsepol/cil: Add function to search the CIL AST for an AV rule., James Carter
- [PATCH 04/10 v3] libsepol: Refactored bounds (hierarchy) checking code, James Carter
- [PATCH 06/10 v3] libsepol/cil: Refactored CIL neverallow checking and reporting., James Carter
- [PATCH 09/10 v3] secilc: Add a CIL policy file to test neverallow checking., James Carter
- [PATCH 08/10 v3] libsepol/cil: Add CIL bounds checking and reporting., James Carter
- [PATCH 10/10 v3] secilc: Add a CIL policy file to test bounds checking., James Carter
- Re: [PATCH 00/10 v3] Improve libsepol and CIL neverallow and bounds checking, James Carter
- [PATCH] SELinux: Create a common helper to determine an inode label [ver #3],
David Howells
- [PATCH] SELinux: Create a common helper to determine an inode label [ver #2],
David Howells
- [PATCH] SELinux: Create a common helper to determine an inode label,
David Howells
- Re: [PATCH 7/8] SELinux: Create a common helper to determine an inode label,
Stephen Smalley
Re: [PATCH 6/8] SELinux: Handle opening of a unioned file,
Stephen Smalley
Re: [PATCH 5/8] SELinux: Stub in copy-up handling,
Stephen Smalley
[PATCH 00/10 v2] Improve libsepol and CIL neverallow and bounds checking,
James Carter
- [PATCH 01/10 v2] libsepol: Add new ebitmap function named ebitmap_match_any(), James Carter
- [PATCH 10/10 v2] secilc: Add a CIL policy file to test bounds checking., James Carter
- [PATCH 05/10 v2] libsepol/cil: Add function to search the CIL AST for an AV rule., James Carter
- [PATCH 03/10 v2] libsepol: Refactored neverallow checking., James Carter
- [PATCH 02/10 v2] libsepol: Treat types like an attribute in the attr_type_map., James Carter
- [PATCH 07/10 v2] libsepol/cil: Track number of classes and number of types and attributes., James Carter
- [PATCH 08/10 v2] libsepol/cil: Add CIL bounds checking and reporting., James Carter
- [PATCH 09/10 v2] secilc: Add a CIL policy file to test neverallow checking., James Carter
- [PATCH 04/10 v2] libsepol: Refactored bounds (hierarchy) checking code, James Carter
- [PATCH 06/10 v2] libsepol/cil: Refactored CIL neverallow checking and reporting., James Carter
[RFC][PATCH] net/tipc: initialize security state for new connection socket,
Stephen Smalley
[PATCH v2] selinux-testsuite: add inet_socket tests,
Stephen Smalley
[PATCH] selinux-testsuite: add inet_socket tests, Stephen Smalley
[PATCH V3] libselinux: Enhance file context support,
Richard Haines
[PATCH V2] libselinux: Enhance file context support,
Richard Haines
[PATCH V2] libselinux: Fix property processing and cleanup formatting,
Richard Haines
[PATCH v3] selinux: reduce locking overhead in inode_free_security(),
Waiman Long
[PATCH] selinux: Augment BUG_ON assertion for secclass_map.,
Stephen Smalley
[PATCH] selinux: initialize sock security class to default value,
Stephen Smalley
[PATCH] libselinux: Fix property processing and cleanup formatting,
Richard Haines
[PATCH] libselinux: Enhance file context support,
Richard Haines
[PATCH] policy_define.c: fix compiler warnings,
Nick Kralevich
R: R: SELinux: Interface Labeling Problem, Gmail
[PATCH] Remove uses of -Wno-return-type.,
Dan Albert
Kernel error: SELinux: Invalid class 0,
Tim Shearer
[PATCH 2/2 v6] selinux: extended permissions for ioctls,
Jeff Vander Stoep
[PATCH] checkpolicy: switch operations to extended perms,
Jeff Vander Stoep
New module store + /var being split off,
Miroslav Grepl
[PATCH] Fix -Wreturn-type issues.,
Dan Albert
[PATCH v2] selinux: reduce locking overhead in inode_free_security(),
Waiman Long
Why does semanage_migrate_store migrate file_contexts.local?, Sven Vermeulen
[PATCH 00/10] Improve libsepol and CIL neverallow and bounds checking,
James Carter
- [PATCH 10/10] secilc: Add a CIL policy file to test bounds checking., James Carter
- [PATCH 01/10] libsepol: Add new ebitmap function named ebitmap_match_any(), James Carter
- [PATCH 07/10] libsepol/cil: Track number of classes and number of types and attributes., James Carter
- [PATCH 05/10] libsepol/cil: Add function to search the CIL AST for an AV rule., James Carter
- [PATCH 02/10] libsepol: Treat types like an attribute in the attr_type_map., James Carter
- [PATCH 04/10] libsepol: Refactored bounds (hierarchy) checking code, James Carter
- [PATCH 03/10] libsepol: Refactored neverallow checking., James Carter
- [PATCH 06/10] libsepol/cil: Refactored CIL neverallow checking and reporting., James Carter
- [PATCH 09/10] secilc: Add a CIL policy file to test neverallow checking., James Carter
- [PATCH 08/10] libsepol/cil: Add CIL bounds checking and reporting., James Carter
Re: SELinux: Interface Labeling Problem,
Maurizio Pagani
[PATCH] selinux: reduce locking overhead in inode_free_security(),
Waiman Long
[PATCH] selinux-testsuite: update socket tests,
Stephen Smalley
[PATCH] Initialize kernfs nodes with LSMs,
william . c . roberts
[RFC][PATCH] net/unix: support SCM_SECURITY for stream sockets,
Stephen Smalley
[PATCH] selinux: do not remap unknown SIDs to the unlabeled context,
Stephen Smalley
[PATCH] Only invoke RPM on RPM-enabled Linux distributions,
Sven Vermeulen
refpolicywarn usage,
Ted Toth
SELinux tree updates,
Paul Moore
[PATCH] sepolicy-generate: Handle more reserved port types,
Masatake YAMATO
Seeing new denial on AOSP 5.1.1 w.r.t shell request read access on lnk_file .,
Ravi Kumar
[PATCH v3 0/6] SELinux testsuite compilation fixes,
Paul Moore
[GIT PULL] SELinux patches for 4.2,
Paul Moore
[PATCH] selinux: fix setting of security labels on NFS,
J. Bruce Fields
[PATCH] selinux-testsuite: adopt a more consistent style, Paul Moore
[PATCH v2 0/6] SELinux testsuite compilation fixes,
Paul Moore
[PATCH 0/3] SELinux testsuite compilation fixes,
Paul Moore
[PATCH 2/2 v5] selinux: extended permissions for ioctls,
Jeff Vander Stoep
[PATCH 0/2 v2] selinux: extended permissions for ioctl commands, Jeff Vander Stoep
[RFC PATCH] libselinux: Add read_spec_entries function to replace sscanf,
Richard Haines
getpidcon() behaviour when other LSM is enabled,
Laurent Bigonville
postgresql policy,
Ted Toth
[PATCH V2] libselinux: Support consistent mode size for bin files,
Richard Haines
[PATCH] libselinux: Expunge remaining references to flask.h and av_permissions.h., Stephen Smalley
[RFC][PATCH] selinux: Remove unused permission definitions,
Stephen Smalley
[PATCH] libselinux: Support consistent mode size for bin files,
Richard Haines
[PATCH V4] Fix more bin file processing core dumps,
Richard Haines
[PATCH] libsepol/cil: Do not allow categories/sensitivities inside blocks,
Yuli Khodorkovskiy
[RFC] [PATCH] kernfs: hook inode initialization for LSMs,
william . c . roberts
[PATCH 1/2] libsepol: with pp to CIL, only associate declared roleattributes with in-scope types,
Steve Lawrence
[Index of Archives]
[Selinux Refpolicy]
[Fedora Users]
[Fedora Desktop]
[Kernel]
[KDE Users]
[Gnome Users]
