linux-hardened/security
David Howells 927942aabb KEYS: Make /proc/keys check to see if a key is possessed before security check
Make /proc/keys check to see if the calling process possesses each key before
performing the security check.  The possession check can be skipped if the key
doesn't have the possessor-view permission bit set.

This causes the keys a process possesses to show up in /proc/keys, even if they
don't have matching user/group/other view permissions.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2010-08-02 15:34:27 +10:00
..
integrity/ima kref: remove kref_set 2010-05-21 09:37:29 -07:00
keys KEYS: Make /proc/keys check to see if a key is possessed before security check 2010-08-02 15:34:27 +10:00
selinux selinux: remove all rcu head initializations 2010-08-02 15:33:35 +10:00
smack smack: opt_dentry is never null in in smack_d_instantiate() 2010-08-02 15:33:39 +10:00
tomoyo TOMOYO: Update profile structure. 2010-08-02 15:33:43 +10:00
capability.c LSM: Remove unused arguments from security_path_truncate(). 2010-08-02 15:33:40 +10:00
commoncap.c security: whitespace coding style fixes 2010-04-23 10:10:23 +10:00
device_cgroup.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
inode.c security: testing the wrong variable in create_by_name() 2010-04-22 21:17:41 +10:00
Kconfig remove CONFIG_SECURITY_FILE_CAPABILITIES compile option 2009-11-24 15:06:47 +11:00
lsm_audit.c Merge branch 'master' into next 2010-05-06 10:56:07 +10:00
Makefile NOMMU: Optimise away the {dac_,}mmap_min_addr tests 2009-12-17 09:25:19 +11:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c LSM: Remove unused arguments from security_path_truncate(). 2010-08-02 15:33:40 +10:00