Linux Security Module

Date Index

[Prev Page][Next Page]

You have a Greeting!, Donna
[PATCH] CRED: Fix commit_creds() on a process that has no mm, David Howells
- Re: [PATCH] CRED: Fix commit_creds() on a process that has no mm, James Morris
Re: [PATCH] Security: Implement and document RLIMIT_NETWORK. (fwd), Eric W. Biederman
Re: [PATCH] Security: Implement and document RLIMIT_NETWORK., James Morris
- Re: [PATCH] Security: Implement and document RLIMIT_NETWORK., Michael Stone
[GIT] More security updates for 2.6.29, James Morris
[PATCH] Add in_execve flag into task_struct., Tetsuo Handa
- Re: [PATCH] Add in_execve flag into task_struct., Serge E. Hallyn
  - Re: [PATCH] Add in_execve flag into task_struct., Shaya Potter
    - Re: [PATCH] Add in_execve flag into task_struct., Stephen Smalley
      - Re: [PATCH] Add in_execve flag into task_struct., Tetsuo Handa
        
        Re: [PATCH] Add in_execve flag into task_struct., Serge E. Hallyn
        
        Re: [PATCH] Add in_execve flag into task_struct., Tetsuo Handa
[PATCH] Introduce d_realpath()., Tetsuo Handa
- Re: [PATCH] Introduce d_realpath()., Miklos Szeredi
  - Re: [PATCH] Introduce d_realpath()., Tetsuo Handa
[RFC v3]Provide a method for detecting labeling support on a file system., David P. Quigley
- [PATCH 3/3] SELinux: Unify context mount and genfs behavior, David P. Quigley
- [PATCH 2/3] SELinux: Add new security mount option to indicate security label support., David P. Quigley
  - Re: [PATCH 2/3] SELinux: Add new security mount option to indicate security label support., Eric Paris
    - Re: [PATCH 2/3] SELinux: Add new security mount option to indicate security label support., James Morris
    - Re: [PATCH 2/3] SELinux: Add new security mount option to indicate security label support., David P. Quigley
      - Re: [PATCH 2/3] SELinux: Add new security mount option to indicate security label support., Eric Paris
- [PATCH 1/3] SELinux: Condense super block security structure flags and cleanup necessary code., David P. Quigley
[TOMOYO #14 (mmotm 2008-12-30-16-05) 00/10] TOMOYO Linux, Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 01/10] Add in_execve flag into task_struct., Tetsuo Handa
  - Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 01/10] Add in_execve flag into task_struct., James Morris
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., Tetsuo Handa
  - Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., James Morris
    - Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., Tetsuo Handa
      - Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., James Morris
        
        Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., Tetsuo Handa
        
        Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., Serge E. Hallyn
        
        Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 02/10] Singly linked list implementation., Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 03/10] Introduce d_realpath()., Tetsuo Handa
  - Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 03/10] Introduce d_realpath()., James Morris
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 04/10] Memory and pathname management functions., Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 06/10] File operation restriction part., Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 05/10] Common functions for TOMOYO Linux., Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 10/10] MAINTAINERS info, Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 08/10] LSM adapter functions., Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 09/10] Kconfig and Makefile, Tetsuo Handa
- [TOMOYO #14 (mmotm 2008-12-30-16-05) 07/10] Domain transition handler., Tetsuo Handa
Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], James Morris
- <Possible follow-ups>
- Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], James Morris
  - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], Serge E. Hallyn
    - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], Serge E. Hallyn
  - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], David Howells
    - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], Serge E. Hallyn
    - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], David Howells
      - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], Serge E. Hallyn
      - Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], David Howells
        
        Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2], Serge E. Hallyn
  - Message not available
    - Message not available
      - Message not available
        
        [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3], David Howells
        
        Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3], James Morris
        
        Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3], J. Bruce Fields
        
        Re: [PATCH] CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3], James Morris
[GIT PULL] Labeled networking patches for 2.6.29, Paul Moore
- Re: [GIT PULL] Labeled networking patches for 2.6.29, James Morris
  - Re: [GIT PULL] Labeled networking patches for 2.6.29, Paul Moore
    - Re: [GIT PULL] Labeled networking patches for 2.6.29, James Morris
[PATCH] keys: fix sparse warning by adding __user annotation to cast, James Morris
- Re: [PATCH] keys: fix sparse warning by adding __user annotation to cast, David Howells
[GIT] security/smack update for 2.6.29, James Morris
[GIT] Security changes for 2.6.29, James Morris
- Re: [GIT] Security changes for 2.6.29, Linus Torvalds
- Re: [GIT] Security changes for 2.6.29, David Howells
  - Re: [GIT] Security changes for 2.6.29, Linus Torvalds
    - Re: [GIT] Security changes for 2.6.29, James Morris
[PATCH] smackfs: check for allocation failures in smk_set_access(), Sergio Luis
- Re: [PATCH] smackfs: check for allocation failures in smk_set_access(), Casey Schaufler
  - Re: [PATCH] smackfs: check for allocation failures in smk_set_access(), James Morris
[PATCH 0/3][RFC] Fix security and SELinux handling of proc/* filesystems, James Morris
- [PATCH 1/3][RFC] SELinux: correctly detect proc filesystems of the form "proc/foo", James Morris
  - Re: [PATCH 1/3][RFC] SELinux: correctly detect proc filesystems of the form "proc/foo", David P. Quigley
- [PATCH 2/3][RFC] security: pass mount flags to security_sb_kern_mount(), James Morris
  - Re: [PATCH 2/3][RFC] security: pass mount flags to security_sb_kern_mount(), Stephen Smalley
- [PATCH 3/3][RFC] SELinux: don't check permissions for kernel mounts, James Morris
  - Re: [PATCH 3/3][RFC] SELinux: don't check permissions for kernel mounts, Stephen Smalley
- Re: [PATCH 0/3][RFC] Fix security and SELinux handling of proc/* filesystems, David Miller
Re: [patch 04/11] vfs: introduce new LSM hooks where vfsmount is available., Kentaro Takeda
- Re: [patch 04/11] vfs: introduce new LSM hooks where vfsmount is available., Kentaro Takeda
  - Re: [patch 04/11] vfs: introduce new LSM hooks where vfsmount is available., Kentaro Takeda
MAC and pam_nologin (was Re: man-pages-3.15 is released), Tetsuo Handa
- Re: MAC and pam_nologin (was Re: man-pages-3.15 is released), Valdis . Kletnieks
[RFC PATCH v3 0/3] Labeled networking patches for 2.6.29, Paul Moore
- [RFC PATCH v3 1/3] netlabel: Update kernel configuration API, Paul Moore
- [RFC PATCH v3 2/3] selinux: Deprecate and schedule the removal of the the compat_net functionality, Paul Moore
- [RFC PATCH v3 3/3] smack: Add support for unlabeled network hosts and networks, Paul Moore
[Labeled-nfs] [RFC v4] Security Label Support for NFSv4, David P. Quigley
- [PATCH 07/14] KConfig: Add KConfig entries for Labeled NFS, David P. Quigley
- [PATCH 09/14] NFS: Add security_label text mount option and handling code to NFS, David P. Quigley
  - Re: [PATCH 09/14] NFS: Add security_label text mount option and handling code to NFS, James Morris
    - Re: [Labeled-nfs] [PATCH 09/14] NFS: Add security_label text mount option and handling code to NFS, Matthew N. Dodd
- [PATCH 08/14] NFSv4: Add label recommended attribute and NFSv4 flags, David P. Quigley
  - Re: [PATCH 08/14] NFSv4: Add label recommended attribute and NFSv4 flags, James Morris
- [PATCH 02/14] VFS: Factor out part of vfs_setxattr so it can be called from the SELinux hook for inode_setsecctx., David P. Quigley
- [PATCH 13/14] NFS: Extend NFS xattr handlers to accept the security namespace, David P. Quigley
- [PATCH 11/14] NFSv4: Introduce new label structure, David P. Quigley
- [PATCH 01/14] patch fix_use_before_init_in_nfsd4_list_rec_dir, David P. Quigley
- [PATCH 14/14] NFSD: Server implementation of MAC Labeling, David P. Quigley
  - Re: [PATCH 14/14] NFSD: Server implementation of MAC Labeling, James Morris
- [PATCH 12/14] NFS: Client implementation of Labeled-NFS, David P. Quigley
  - Re: [PATCH 12/14] NFS: Client implementation of Labeled-NFS, James Morris
- [PATCH 06/14] SELinux: Add new labeling type native labels, David P. Quigley
- [PATCH 04/14] Security: Add hook to calculate context based on a negative dentry., David P. Quigley
- [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., David P. Quigley
  - Re: [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., James Morris
    - Re: [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., David P. Quigley
      - Re: [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., David P. Quigley
      - Re: [PATCH 03/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., Matthew N. Dodd
- [PATCH 10/14] NFS: Introduce lifecycle management for label attribute., David P. Quigley
  - Re: [PATCH 10/14] NFS: Introduce lifecycle management for label attribute., James Morris
- [PATCH 05/14] Security: Add Hook to test if the particular xattr is part of a MAC model., David P. Quigley
rfc: add hook to commoncap.c to enable extrnal policy for execve'd programs, Markku Savela
- Re: rfc: add hook to commoncap.c to enable extrnal policy for execve'd programs, Markku Savela
- Re: rfc: add hook to commoncap.c to enable extrnal policy for execve'd programs, Andrew G. Morgan
  - Re: rfc: add hook to commoncap.c to enable extrnal policy for execve'd programs, Serge E. Hallyn
[TOMOYO #13 (mmotm 2008-11-19-02-19) 00/11] TOMOYO Linux, Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 01/11] Introduce security_path_clear() hook., Tetsuo Handa
  - Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 01/11] Introduce security_path_clear() hook., Stephen Smalley
    - Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 01/11] Introduce security_path_clear() hook., Tetsuo Handa
      - Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 01/11] Introduce security_path_clear() hook., Stephen Smalley
        
        Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 01/11] Introduce security_path_clear() hook., Kentaro Takeda
        
        [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Kentaro Takeda
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Stephen Smalley
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Tetsuo Handa
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Serge E. Hallyn
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introducesecurity_path_set/clear() hooks., Tetsuo Handa
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Stephen Smalley
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Tetsuo Handa
        
        [RFC] Add "reason" parameter to mnt_want_write()., Tetsuo Handa
        
        Re: [RFC] Add "reason" parameter to mnt_want_write()., Al Viro
        
        Re: [PATCH (mmotm-2008-12-02-17-08)] Introduce security_path_set/clear() hooks., Al Viro
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 02/11] Add in_execve flag into task_struct., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 03/11] Singly linked list implementation., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 04/11] Introduce d_realpath()., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 05/11] Memory and pathname management functions., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 07/11] File operation restriction part., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 09/11] LSM adapter functions., Tetsuo Handa
  - Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 09/11] LSM adapter functions., Stephen Smalley
    - Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 09/11] LSM adapter functions., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 06/11] Common functions for TOMOYO Linux., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 08/11] Domain transition handler., Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 10/11] Kconfig and Makefile, Tetsuo Handa
- [TOMOYO #13 (mmotm 2008-11-19-02-19) 11/11] MAINTAINERS info, Tetsuo Handa
- Re: [TOMOYO #13 (mmotm 2008-11-19-02-19) 00/11] TOMOYO Linux, Tetsuo Handa
[RFC PATCH v2 0/2] Labeled networking patches for 2.6.29, Paul Moore
- [RFC PATCH v2 1/2] netlabel: Update kernel configuration API, Paul Moore
- [RFC PATCH v2 2/2] netlabel: Allow the static labels to take precedence over wire labels, Paul Moore
Merge conflict resolved in creds code, James Morris
- Re: Merge conflict resolved in creds code, David Howells
  - Re: Merge conflict resolved in creds code, James Morris
  - Re: Merge conflict resolved in creds code, David Howells
[PATCH 00/77] Introduce credentials, David Howells
- [PATCH 02/77] CRED: Wrap task credential accesses in the MIPS arch, David Howells
- [PATCH 03/77] CRED: Wrap task credential accesses in the PA-RISC arch, David Howells
- [PATCH 04/77] CRED: Wrap task credential accesses in the PowerPC arch, David Howells
- [PATCH 01/77] CRED: Wrap task credential accesses in the IA64 arch, David Howells
- [PATCH 05/77] CRED: Wrap task credential accesses in the S390 arch, David Howells
- [PATCH 06/77] CRED: Wrap task credential accesses in the x86 arch, David Howells
- [PATCH 07/77] CRED: Wrap task credential accesses in the block loopback driver, David Howells
- [PATCH 08/77] CRED: Wrap task credential accesses in the tty driver, David Howells
- [PATCH 09/77] CRED: Wrap task credential accesses in the ISDN drivers, David Howells
- [PATCH 10/77] CRED: Wrap task credential accesses in the network device drivers, David Howells
- [PATCH 11/77] CRED: Wrap task credential accesses in the USB driver, David Howells
- [PATCH 12/77] CRED: Wrap task credential accesses in 9P2000 filesystem, David Howells
- [PATCH 13/77] CRED: Wrap task credential accesses in the AFFS filesystem, David Howells
- [PATCH 14/77] CRED: Wrap task credential accesses in the autofs filesystem, David Howells
- [PATCH 15/77] CRED: Wrap task credential accesses in the autofs4 filesystem, David Howells
- [PATCH 16/77] CRED: Wrap task credential accesses in the BFS filesystem, David Howells
- [PATCH 17/77] CRED: Wrap task credential accesses in the CIFS filesystem, David Howells
- [PATCH 18/77] CRED: Wrap task credential accesses in the Coda filesystem, David Howells
- [PATCH 19/77] CRED: Wrap task credential accesses in the devpts filesystem, David Howells
- [PATCH 20/77] CRED: Wrap task credential accesses in the eCryptFS filesystem, David Howells
- [PATCH 21/77] CRED: Wrap task credential accesses in the Ext2 filesystem, David Howells
- [PATCH 22/77] CRED: Wrap task credential accesses in the Ext3 filesystem, David Howells
- [PATCH 23/77] CRED: Wrap task credential accesses in the Ext4 filesystem, David Howells
- [PATCH 24/77] CRED: Wrap task credential accesses in the FAT filesystem, David Howells
- [PATCH 25/77] CRED: Wrap task credential accesses in the FUSE filesystem, David Howells
- [PATCH 26/77] CRED: Wrap task credential accesses in the GFS2 filesystem, David Howells
- [PATCH 27/77] CRED: Wrap task credential accesses in the HFS filesystem, David Howells
- [PATCH 28/77] CRED: Wrap task credential accesses in the HFSplus filesystem, David Howells
- [PATCH 29/77] CRED: Wrap task credential accesses in the HPFS filesystem, David Howells
- [PATCH 30/77] CRED: Wrap task credential accesses in the hugetlbfs filesystem, David Howells
- [PATCH 31/77] CRED: Wrap task credential accesses in the JFS filesystem, David Howells
- [PATCH 32/77] CRED: Wrap task credential accesses in the Minix filesystem, David Howells
- [PATCH 33/77] CRED: Wrap task credential accesses in the NCPFS filesystem, David Howells
- [PATCH 34/77] CRED: Wrap task credential accesses in the NFS daemon, David Howells
- [PATCH 35/77] CRED: Wrap task credential accesses in the OCFS2 filesystem, David Howells
- [PATCH 36/77] CRED: Wrap task credential accesses in the OMFS filesystem, David Howells
- [PATCH 37/77] CRED: Wrap task credential accesses in the RAMFS filesystem, David Howells
- [PATCH 38/77] CRED: Wrap task credential accesses in the ReiserFS filesystem, David Howells
- [PATCH 39/77] CRED: Wrap task credential accesses in the SMBFS filesystem, David Howells
- [PATCH 40/77] CRED: Wrap task credential accesses in the SYSV filesystem, David Howells
- [PATCH 41/77] CRED: Wrap task credential accesses in the UBIFS filesystem, David Howells
- [PATCH 42/77] CRED: Wrap task credential accesses in the UDF filesystem, David Howells
- [PATCH 44/77] CRED: Wrap task credential accesses in the XFS filesystem, David Howells
- [PATCH 43/77] CRED: Wrap task credential accesses in the UFS filesystem, David Howells
- [PATCH 46/77] CRED: Wrap task credential accesses in the SYSV IPC subsystem, David Howells
  - Re: [PATCH 46/77] CRED: Wrap task credential accesses in the SYSV IPC subsystem, Serge E. Hallyn
  - Re: [PATCH 46/77] CRED: Wrap task credential accesses in the SYSV IPC subsystem, David Howells
    - Re: [PATCH 46/77] CRED: Wrap task credential accesses in the SYSV IPC subsystem, Serge E. Hallyn
- [PATCH 47/77] CRED: Wrap task credential accesses in the AX25 protocol, David Howells
- [PATCH 45/77] CRED: Wrap task credential accesses in the filesystem subsystem, David Howells
- [PATCH 48/77] CRED: Wrap task credential accesses in the IPv6 protocol, David Howells
- [PATCH 49/77] CRED: Wrap task credential accesses in the netrom protocol, David Howells
- [PATCH 50/77] CRED: Wrap task credential accesses in the ROSE protocol, David Howells
- [PATCH 51/77] CRED: Wrap task credential accesses in the SunRPC protocol, David Howells
- [PATCH 52/77] CRED: Wrap task credential accesses in the UNIX socket protocol, David Howells
- [PATCH 53/77] CRED: Wrap task credential accesses in the networking subsystem, David Howells
- [PATCH 54/77] CRED: Wrap task credential accesses in the key management code, David Howells
- [PATCH 55/77] CRED: Wrap task credential accesses in the capabilities code, David Howells
  - Re: [PATCH 55/77] CRED: Wrap task credential accesses in the capabilities code, Serge E. Hallyn
- [PATCH 57/77] KEYS: Disperse linux/key_ui.h, David Howells
- [PATCH 56/77] CRED: Wrap task credential accesses in the core kernel, David Howells
- [PATCH 58/77] KEYS: Alter use of key instantiation link-to-keyring argument, David Howells
- [PATCH 60/77] CRED: Constify the kernel_cap_t arguments to the capset LSM hooks, David Howells
- [PATCH 59/77] CRED: Neuter sys_capset(), David Howells
  - Re: [PATCH 59/77] CRED: Neuter sys_capset(), Serge E. Hallyn
  - Re: [PATCH 59/77] CRED: Neuter sys_capset(), David Howells
    - Re: [PATCH 59/77] CRED: Neuter sys_capset(), Serge E. Hallyn
- [PATCH 62/77] CRED: Detach the credentials from task_struct, David Howells
- [PATCH 63/77] CRED: Wrap current->cred and a few other accessors, David Howells
- [PATCH 64/77] CRED: Use RCU to access another task's creds and to release a task's own creds, David Howells
- [PATCH 65/77] CRED: Wrap access to SELinux's task SID, David Howells
- [PATCH 67/77] CRED: Rename is_single_threaded() to is_wq_single_threaded(), David Howells
- [PATCH 68/77] CRED: Make inode_has_perm() and file_has_perm() take a cred pointer, David Howells
- [PATCH 66/77] CRED: Separate per-task-group keyrings from signal_struct, David Howells
- [PATCH 69/77] CRED: Pass credentials through dentry_open(), David Howells
- [PATCH 71/77] CRED: Make execve() take advantage of copy-on-write credentials, David Howells
- [PATCH 72/77] CRED: Prettify commoncap.c, David Howells
- [PATCH 73/77] CRED: Use creds in file structs, David Howells
- [PATCH 74/77] CRED: Documentation, David Howells
- [PATCH 75/77] CRED: Differentiate objective and effective subjective credentials on a task, David Howells
- [PATCH 76/77] CRED: Add a kernel_service object class to SELinux, David Howells
- [PATCH 77/77] CRED: Allow kernel services to override LSM settings for task actions, David Howells
- Re: [PATCH 61/77] CRED: Separate task security context from task_struct, David Howells
- Re: [PATCH 70/77] CRED: Inaugurate COW credentials, David Howells
- Re: [PATCH 00/77] Introduce credentials, James Morris
  - Re: [PATCH 00/77] Introduce credentials, Stephen Rothwell
    - Re: [PATCH 00/77] Introduce credentials, Serge E. Hallyn
[RFC PATCH v1 1/2] netlabel: Update kernel configuration API, Paul Moore
- [RFC PATCH v1 2/2] netlabel: Allow the static labels to take precedence over wire labels, Paul Moore
- Re: [RFC PATCH v1 1/2] netlabel: Update kernel configuration API, Paul Moore
  - Re: [RFC PATCH v1 1/2] netlabel: Update kernel configuration API, Casey Schaufler
    - Re: [RFC PATCH v1 1/2] netlabel: Update kernel configuration API, Paul Moore
      - Re: [RFC PATCH v1 1/2] netlabel: Update kernel configuration API, Paul Moore
[PATCH -v3 1/4] SECURITY: new capable_noaudit interface, Eric Paris
- [PATCH -v3 2/4] vm: use new has_capability_noaudit, Eric Paris
  - Re: [PATCH -v3 2/4] vm: use new has_capability_noaudit, Stephen Smalley
- [PATCH -v3 3/4] filesystems: use has_capability_noaudit interface for reserved blocks checks, Eric Paris
- [PATCH -v3 4/4] SELinux: use new cap_noaudit interface, Eric Paris
  - Re: [PATCH -v3 4/4] SELinux: use new cap_noaudit interface, Stephen Smalley
[TOMOYO #12 (2.6.28-rc2-mm1) 00/11] TOMOYO Linux, Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 01/11] Introduce security_path_clear() hook., Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 02/11] Add in_execve flag into task_struct., Kentaro Takeda
  - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 02/11] Add in_execve flag into task_struct., Andrew Morton
- [TOMOYO #12 (2.6.28-rc2-mm1) 03/11] Singly linked list implementation., Kentaro Takeda
  - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 03/11] Singly linked list implementation., Andrew Morton
- [TOMOYO #12 (2.6.28-rc2-mm1) 04/11] Introduce d_realpath()., Kentaro Takeda
  - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 04/11] Introduce d_realpath()., Andrew Morton
    - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 04/11] Introduce d_realpath()., Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Kentaro Takeda
  - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Andrew Morton
    - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Kentaro Takeda
      - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Andrew Morton
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Kentaro Takeda
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Andrew Morton
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 05/11] Memory and pathname management functions., Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYO Linux., Kentaro Takeda
  - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYO Linux., Andrew Morton
    - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Tetsuo Handa
    - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Tetsuo Handa
      - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Serge E. Hallyn
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Tetsuo Handa
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Serge E. Hallyn
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Tetsuo Handa
        
        Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYOLinux., Serge E. Hallyn
    - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYO Linux., Kentaro Takeda
    - Re: [TOMOYO #12 (2.6.28-rc2-mm1) 06/11] Common functions for TOMOYO Linux., Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 10/11] Kconfig and Makefile, Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 09/11] LSM adapter functions., Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 11/11] MAINTAINERS info, Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 08/11] Domain transition handler., Kentaro Takeda
- [TOMOYO #12 (2.6.28-rc2-mm1) 07/11] File operation restriction part., Kentaro Takeda
[PATCH -v2 1/3] SECURITY: new capable_noaudit interface, Eric Paris
- [PATCH -v2 2/3] vm: use new has_capability_noaudit, Eric Paris
- [PATCH -v2 3/3] filesystems: use has_capability_noaudit interface for reserved blocks checks, Eric Paris
- Re: [PATCH -v2 1/3] SECURITY: new capable_noaudit interface, Stephen Smalley
[PATCH 1/1] file caps: always start with clear bprm->caps_*, Serge E. Hallyn
- <Possible follow-ups>
- [PATCH 1/1] file caps: always start with clear bprm->caps_*, Serge E. Hallyn
[PATCH -v1 1/3] SECURITY: new capable_noaudit interface, Eric Paris
- [PATCH -v1 2/3] vm: use new has_capability_noaudit, Eric Paris
  - Re: [PATCH -v1 2/3] vm: use new has_capability_noaudit, Stephen Smalley
    - Re: [PATCH -v1 2/3] vm: use new has_capability_noaudit, Eric Paris
- [PATCH -v1 3/3] filesystems: use has_capability_noaudit interface for reserved blocks checks, Eric Paris
- Re: [PATCH -v1 1/3] SECURITY: new capable_noaudit interface, Serge E. Hallyn
  - Re: [PATCH -v1 1/3] SECURITY: new capable_noaudit interface, Paul Moore
    - Re: [PATCH -v1 1/3] SECURITY: new capable_noaudit interface, Eric Paris
      - Re: [PATCH -v1 1/3] SECURITY: new capable_noaudit interface, Paul Moore
[PATCH] smack inode_listsecurity fix, Casey Schaufler
[PATCH 1/1] Track (in /proc/<pid>/status) which capabilities are hit during execution., Andrew G. Morgan
- Re: [PATCH 1/1] Track (in /proc/<pid>/status) which capabilities are hit during execution., James Morris
[PATCH 0/1] What capabilities is a process using?, Andrew G. Morgan
- Re: [PATCH 0/1] What capabilities is a process using?, Serge E. Hallyn
  - Re: [PATCH 0/1] What capabilities is a process using?, Serge E. Hallyn
path based security in 4 easy steps with minimal kernel changes, Shaya Potter
- Re: path based security in 4 easy steps with minimal kernel changes, Casey Schaufler
  - Re: path based security in 4 easy steps with minimal kernel changes, Shaya Potter
- Re: path based security in 4 easy steps with minimal kernel changes, Kentaro Takeda
  - Re: path based security in 4 easy steps with minimal kernel changes, Shaya Potter
    - Re: path based security in 4 easy steps with minimal kernel changes, crispin
      - Re: path based security in 4 easy steps with minimal kernel changes, Shaya Potter
        
        Re: path based security in 4 easy steps with minimal kernel changes, Shaya Potter
      - Re: path based security in 4 easy steps with minimal kernel changes, Shaya Potter
ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Eric Paris
- Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Stephen Smalley
  - Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Eric Paris
    - Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Stephen Smalley
- Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Eric Sandeen
  - Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Mingming Cao
    - Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Eric Sandeen
- Re: ext4_has_free_blocks always checks cap_sys_resource and makes SELinux unhappy, Eric Sandeen
[GIT Pull Request] Copy on write credentials for Linux [ver #4], David Howells
Re: __vm_enough_memory(), OVERCOMMIT_NEVER, current->mm, kernel thread, James Morris
[GIT Pull Request] Copy on write credentials for Linux [ver #3], David Howells
- Re: [GIT Pull Request] Copy on write credentials for Linux [ver #3], David Howells
[GIT Pull Request] Copy on write credentials for Linux [ver #2], David Howells
[no subject], David Howells
[TOMOYO #11 (linux-next) 00/11] TOMOYO Linux, Kentaro Takeda
- [TOMOYO #11 (linux-next) 02/11] Add in_execve flag into task_struct., Kentaro Takeda
- [TOMOYO #11 (linux-next) 03/11] Singly linked list implementation., Kentaro Takeda
- [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., Kentaro Takeda
  - Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., Shaya Potter
    - Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., crispin
      - Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., Shaya Potter
        
        Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., Shaya Potter
  - Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., Miklos Szeredi
    - Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where vfsmount is available., Kentaro Takeda
- [TOMOYO #11 (linux-next) 04/11] Introduce d_realpath()., Kentaro Takeda
- [TOMOYO #11 (linux-next) 05/11] Memory and pathname management functions., Kentaro Takeda
- [TOMOYO #11 (linux-next) 06/11] Common functions for TOMOYO Linux., Kentaro Takeda
- [TOMOYO #11 (linux-next) 07/11] File operation restriction part., Kentaro Takeda
- [TOMOYO #11 (linux-next) 08/11] Domain transition handler., Kentaro Takeda
- [TOMOYO #11 (linux-next) 09/11] LSM adapter functions., Kentaro Takeda
- [TOMOYO #11 (linux-next) 10/11] Kconfig and Makefile, Kentaro Takeda
- [TOMOYO #11 (linux-next) 11/11] MAINTAINERS info, Kentaro Takeda
- Re: [TOMOYO #11 (linux-next) 00/11] TOMOYO Linux, Kentaro Takeda
  - Re: [TOMOYO #11 (linux-next) 00/11] TOMOYO Linux, Serge E. Hallyn
    - Re: [TOMOYO #11 (linux-next) 00/11] TOMOYO Linux, Toshiharu Harada
[GIT Pull Request] Copy on write credentials for Linux, David Howells
path name based security, Shaya Potter
- Re: path name based security, Stephen Smalley
  - Re: path name based security, Shaya Potter
    - Re: path name based security, Stephen Smalley
      - Re: path name based security, Shaya Potter
[PATCH] CRED: Fix creds refcounting in lookup_user_key(), David Howells
[GIT] Security related updates, James Morris
[GIT] SELinux and security patches for 2.6.28, James Morris
[TOMOYO #10 (linux-next) 0/8] TOMOYO Linux, Kentaro Takeda
- [TOMOYO #10 (linux-next) 1/8] Introduce new LSM hooks where vfsmount is available., Kentaro Takeda
- [TOMOYO #10 (linux-next) 2/8] Add in_execve flag into task_struct., Kentaro Takeda
- [TOMOYO #10 (linux-next) 3/8] LSM adapter functions., Kentaro Takeda
  - Re: [TOMOYO #10 (linux-next) 3/8] LSM adapter functions., KAMEZAWA Hiroyuki
    - Re: [TOMOYO #10 (linux-next) 3/8] LSM adapter functions., Kentaro Takeda
- [TOMOYO #10 (linux-next) 4/8] Memory and pathname management functions., Kentaro Takeda
  - Re: [TOMOYO #10 (linux-next) 4/8] Memory and pathname management functions., KAMEZAWA Hiroyuki
    - Re: [TOMOYO #10 (linux-next) 4/8] Memory and pathname management functions., Kentaro Takeda
- [TOMOYO #10 (linux-next) 5/8] Common functions for TOMOYO Linux., Kentaro Takeda
- [TOMOYO #10 (linux-next) 6/8] Domain transition handler., Kentaro Takeda
- [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Kentaro Takeda
  - Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Serge E. Hallyn
    - Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Tetsuo Handa
      - Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Paul E. McKenney
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Kentaro Takeda
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Paul E. McKenney
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Kentaro Takeda
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Paul E. McKenney
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Tetsuo Handa
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Paul E. McKenney
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Tetsuo Handa
        
        Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Paul E. McKenney
      - Re: [TOMOYO #10 (linux-next) 7/8] File operation restriction part., Serge E. Hallyn
- [TOMOYO #10 (linux-next) 8/8] Kconfig and Makefile, Kentaro Takeda
[PATCH v7 00/17] Labeled networking patches for 2.6.28, Paul Moore
- [PATCH v7 01/17] netlabel: Fix some sparse warnings, Paul Moore
  - Re: [PATCH v7 01/17] netlabel: Fix some sparse warnings, James Morris
- [PATCH v7 02/17] selinux: Cleanup the NetLabel glue code, Paul Moore
- [PATCH v7 03/17] selinux: Correctly handle IPv4 packets on IPv6 sockets in all cases, Paul Moore
- [PATCH v7 04/17] netlabel: Remove unneeded in-kernel API functions, Paul Moore
- [PATCH v7 05/17] selinux: Better local/forward check in selinux_ip_postroute(), Paul Moore
- [PATCH v7 06/17] selinux: Fix a problem in security_netlbl_sid_to_secattr(), Paul Moore
- [PATCH v7 07/17] selinux: Fix missing calls to netlbl_skbuff_err(), Paul Moore
- [PATCH v7 08/17] smack: Fix missing calls to netlbl_skbuff_err(), Paul Moore
- [PATCH v7 09/17] netlabel: Replace protocol/NetLabel linking with refrerence counts, Paul Moore
- [PATCH v7 10/17] netlabel: Add a generic way to create ordered linked lists of network addrs, Paul Moore
- [PATCH v7 11/17] netlabel: Add network address selectors to the NetLabel/LSM domain mapping, Paul Moore
- [PATCH v7 12/17] netlabel: Add functionality to set the security attributes of a packet, Paul Moore
- [PATCH v7 13/17] selinux: Set socket NetLabel based on connection endpoint, Paul Moore
- [PATCH v7 14/17] selinux: Cache NetLabel secattrs in the socket's security struct, Paul Moore
- [PATCH v7 15/17] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts, Paul Moore
- [PATCH v7 16/17] cipso: Add support for native local labeling and fixup mapping names, Paul Moore
- [PATCH v7 17/17] netlabel: Add configuration support for local labeling, Paul Moore
[PATCH] CRED: ptrace_attach() should use the target process's mutex, David Howells
- Re: [PATCH] CRED: ptrace_attach() should use the target process's mutex, James Morris
- Re: [PATCH] CRED: ptrace_attach() should use the target process's mutex, Tetsuo Handa
  - Re: [PATCH] CRED: ptrace_attach() should use the target process\'s mutex, Tetsuo Handa
  - Re: [PATCH] CRED: ptrace_attach() should use the target process\'s mutex, David Howells
    - Re: [PATCH] CRED: ptrace_attach() should use the target process\'s mutex, Tetsuo Handa
[RFC v3] Security Label Support for NFSv4, David P. Quigley
- [PATCH 01/14] VFS: Factor out part of vfs_setxattr so it can be called from the SELinux hook for inode_setsecctx., David P. Quigley
  - Re: [PATCH 01/14] VFS: Factor out part of vfs_setxattr so it can be called from the SELinux hook for inode_setsecctx., Serge E. Hallyn
- [PATCH 06/14] KConfig: Add KConfig entries for Labeled NFS, David P. Quigley
  - Re: [PATCH 06/14] KConfig: Add KConfig entries for Labeled NFS, Serge E. Hallyn
- [PATCH 05/14] SELinux: Add new labeling type native labels, David P. Quigley
- [PATCH 10/14] NFSv4: Introduce new label structure, David P. Quigley
- [PATCH 11/14] NFS/RPC: Add the auth_seclabel security flavor to allow the process label to be sent to the server., David P. Quigley
  - Re: [PATCH 11/14] NFS/RPC: Add the auth_seclabel security flavor to allow the process label to be sent to the server., Andy Whitcroft
    - Re: [PATCH 11/14] NFS/RPC: Add the auth_seclabel security flavor to allow the process label to be sent to the server., Matthew N. Dodd
- [PATCH 08/14] NFS: Add security_label text mount option and handling code to NFS, David P. Quigley
- [PATCH 13/14] NFS: Extend NFS xattr handlers to accept the security namespace, David P. Quigley
- Message not available
  - Re: [PATCH 02/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., Serge E. Hallyn
    - Re: [PATCH 02/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., David P. Quigley
- Message not available
  - Re: [PATCH 03/14] Security: Add hook to calculate context based on a negative dentry., Serge E. Hallyn
    - Re: [PATCH 03/14] Security: Add hook to calculate context based on a negative dentry., David P. Quigley
      - Re: [PATCH 03/14] Security: Add hook to calculate context based on a negative dentry., Serge E. Hallyn
- Message not available
  - Re: [PATCH 02/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., Serge E. Hallyn
    - Re: [PATCH 02/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., David P. Quigley
- Re: [RFC v3] Security Label Support for NFSv4, James Morris
  - Re: [Labeled-nfs] [RFC v3] Security Label Support for NFSv4, Matthew N. Dodd
    - Re: [Labeled-nfs] [RFC v3] Security Label Support for NFSv4, Trond Myklebust
      - Re: [Labeled-nfs] [RFC v3] Security Label Support for NFSv4, David P. Quigley
[PATCH 0/6] file capabilities cleanups: introduction, Serge E. Hallyn
- [PATCH 1/6] file capabilities: add no_file_caps switch (v3), Serge E. Hallyn
  - [PATCH 2/6] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Serge E. Hallyn
    - [PATCH 3/6] file capabilities: uninline cap_safe_nice, Serge E. Hallyn
      - [PATCH 4/6] file capabilities: clean up setcap code, Serge E. Hallyn
        
        [PATCH 5/6] file capabilities: remove needless inline functions, Serge E. Hallyn
        
        [PATCH 6/6] file capabilities: remove needless (?) bprm_clear_caps calls, Serge E. Hallyn
        
        [PATCH 6/6] file capabilities: remove needless (?) bprm_clear_caps calls, Serge E. Hallyn
        
        [PATCH 6/6] file capabilities: remove needless (?) bprm_clear_caps calls, Serge E. Hallyn
        
        Re: [PATCH 5/6] file capabilities: remove needless inline functions, Andrew G. Morgan
        
        Re: [PATCH 5/6] file capabilities: remove needless inline functions, Serge E. Hallyn
        
        Re: [PATCH 5/6] file capabilities: remove needless inline functions, Serge E. Hallyn
        
        Re: [PATCH 4/6] file capabilities: clean up setcap code, Andrew G. Morgan
        
        Re: [PATCH 4/6] file capabilities: clean up setcap code, Serge E. Hallyn
      - Re: [PATCH 3/6] file capabilities: uninline cap_safe_nice, Andrew G. Morgan
        
        Re: [PATCH 3/6] file capabilities: uninline cap_safe_nice, James Morris
    - Re: [PATCH 2/6] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Andrew G. Morgan
Fwd: SMACK startproc patch, Tilman Baumann
- <Possible follow-ups>
- Re: Fwd: SMACK startproc patch, Casey Schaufler
Re: SMACK netfilter smacklabel socket match, Paul Moore
- Re: SMACK netfilter smacklabel socket match, Tilman Baumann
  - Re: SMACK netfilter smacklabel socket match, Paul Moore
    - Re: SMACK netfilter smacklabel socket match, Tilman Baumann
- Re: SMACK netfilter smacklabel socket match, Tilman Baumann
  - Re: SMACK netfilter smacklabel socket match, Paul Moore
- <Possible follow-ups>
- Re: SMACK netfilter smacklabel socket match, Casey Schaufler
  - Re: SMACK netfilter smacklabel socket match, Tilman Baumann
    - Re: SMACK netfilter smacklabel socket match, Casey Schaufler
      - Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Ahmed S. Darwish
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Tilman Baumann
        
        Re: SMACK netfilter smacklabel socket match, Casey Schaufler
        
        Re: SMACK netfilter smacklabel socket match, Paul Moore
[PATCH] CRED: Use correct task_struct members in cred.h comments, David Howells
- Re: [PATCH] CRED: Use correct task_struct members in cred.h comments, James Morris
[TOMOYO #9 (2.6.27-rc7-mm1) 0/6] TOMOYO Linux, Kentaro Takeda
- [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
  - Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
    - Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
      - Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Stephen Smalley
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Casey Schaufler
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Valdis . Kletnieks
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn
        
        Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda
- [TOMOYO #9 (2.6.27-rc7-mm1) 2/6] Memory and pathname management functions., Kentaro Takeda
- [TOMOYO #9 (2.6.27-rc7-mm1) 3/6] Common functions for TOMOYO Linux., Kentaro Takeda
- [TOMOYO #9 (2.6.27-rc7-mm1) 4/6] Domain transition handler., Kentaro Takeda
- [TOMOYO #9 (2.6.27-rc7-mm1) 5/6] File operation restriction part., Kentaro Takeda
- [TOMOYO #9 (2.6.27-rc7-mm1) 6/6] Kconfig and Makefile, Kentaro Takeda
[PATCH 1/2] file capabilities: add no_file_caps switch (v3), Serge E. Hallyn
- [PATCH 2/2] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Serge E. Hallyn
  - Re: [PATCH 2/2] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Andrew G. Morgan
  - Re: [PATCH 2/2] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Chris Wright
    - Re: [PATCH 2/2] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Serge E. Hallyn
      - Re: [PATCH 2/2] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Chris Wright
      - Re: [PATCH 2/2] file capabilities: remove CONFIG_SECURITY_FILE_CAPABILITIES, Andreas Gruenbacher
[PATCH] CRED: Delete alloc_creds() as it's not used, David Howells
- Re: [PATCH] CRED: Delete alloc_creds() as it's not used, James Morris
[PATCH 1/2] file capabilities: add no_file_caps switch (v2), Serge E. Hallyn
- [PATCH 2/2] file capabilities: turn on by default, Serge E. Hallyn
  - Re: [PATCH 2/2] file capabilities: turn on by default, Randy Dunlap
    - Re: [PATCH 2/2] file capabilities: turn on by default, Serge E. Hallyn
      - Re: [PATCH 2/2] file capabilities: turn on by default, Randy Dunlap
      - Re: [PATCH 2/2] file capabilities: turn on by default, Chris Wright
- Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), Stephen Smalley
  - Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), Andreas Gruenbacher
    - Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), Serge E. Hallyn
      - Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), Andreas Gruenbacher
      - Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), James Morris
- Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), Chris Wright
  - Re: [PATCH 1/2] file capabilities: add no_file_caps switch (v2), Serge E. Hallyn
[PATCH] Introduce new LSM hooks where vfsmount is available., Kentaro Takeda
- Re: [PATCH] Introduce new LSM hooks where vfsmount is available., Casey Schaufler
  - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., Kentaro Takeda
  - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., david
- Re: [PATCH] Introduce new LSM hooks where vfsmount is available., James Morris
  - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., david
    - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., Stephen Smalley
      - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., Alexey Dobriyan
        
        Re: [PATCH] Introduce new LSM hooks where vfsmount is available., James Morris
  - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., Kentaro Takeda
    - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., Serge E. Hallyn
      - Re: [PATCH] Introduce new LSM hooks where vfsmount is available., James Morris
- <Possible follow-ups>
- [PATCH] introduce new LSM hooks where vfsmount is available., Kentaro Takeda
  - Re: [PATCH] introduce new LSM hooks where vfsmount is available., Al Viro
    - Re: [PATCH] introduce new LSM hooks where vfsmount is available., Al Viro
      - Re: [PATCH] introduce new LSM hooks where vfsmount is available., Kentaro Takeda
[RFC PATCH v6 00/16] Labeled networking patches for 2.6.28, Paul Moore
- [RFC PATCH v6 03/16] netlabel: Remove unneeded in-kernel API functions, Paul Moore
  - Re: [RFC PATCH v6 03/16] netlabel: Remove unneeded in-kernel API functions, James Morris
- [RFC PATCH v6 01/16] selinux: Cleanup the NetLabel glue code, Paul Moore
  - Re: [RFC PATCH v6 01/16] selinux: Cleanup the NetLabel glue code, James Morris
    - Re: [RFC PATCH v6 01/16] selinux: Cleanup the NetLabel glue code, Paul Moore
- [RFC PATCH v6 02/16] selinux: Correctly handle IPv4 packets on IPv6 sockets in all cases, Paul Moore
  - Re: [RFC PATCH v6 02/16] selinux: Correctly handle IPv4 packets on IPv6 sockets in all cases, James Morris
    - Re: [RFC PATCH v6 02/16] selinux: Correctly handle IPv4 packets on IPv6 sockets in all cases, Paul Moore
- [RFC PATCH v6 04/16] selinux: Better local/forward check in selinux_ip_postroute(), Paul Moore
  - Re: [RFC PATCH v6 04/16] selinux: Better local/forward check in selinux_ip_postroute(), James Morris
    - Re: [RFC PATCH v6 04/16] selinux: Better local/forward check in selinux_ip_postroute(), Paul Moore
- [RFC PATCH v6 05/16] selinux: Fix a problem in security_netlbl_sid_to_secattr(), Paul Moore
- [RFC PATCH v6 06/16] selinux: Fix missing calls to netlbl_skbuff_err(), Paul Moore
- [RFC PATCH v6 07/16] smack: Fix missing calls to netlbl_skbuff_err(), Paul Moore
- [RFC PATCH v6 08/16] netlabel: Replace protocol/NetLabel linking with refrerence counts, Paul Moore
  - Re: [RFC PATCH v6 08/16] netlabel: Replace protocol/NetLabel linking with refrerence counts, James Morris
- [RFC PATCH v6 11/16] netlabel: Add functionality to set the security attributes of a packet, Paul Moore
  - Re: [RFC PATCH v6 11/16] netlabel: Add functionality to set the security attributes of a packet, James Morris
    - Re: [RFC PATCH v6 11/16] netlabel: Add functionality to set the security attributes of a packet, Paul Moore
- [RFC PATCH v6 10/16] netlabel: Add network address selectors to the NetLabel/LSM domain mapping, Paul Moore
  - Re: [RFC PATCH v6 10/16] netlabel: Add network address selectors to the NetLabel/LSM domain mapping, James Morris
- [RFC PATCH v6 12/16] selinux: Set socket NetLabel based on connection endpoint, Paul Moore
  - Re: [RFC PATCH v6 12/16] selinux: Set socket NetLabel based on connection endpoint, James Morris
    - Re: [RFC PATCH v6 12/16] selinux: Set socket NetLabel based on connection endpoint, Joe Nall
      - Re: [RFC PATCH v6 12/16] selinux: Set socket NetLabel based on connection endpoint, Paul Moore
- [RFC PATCH v6 13/16] selinux: Cache NetLabel secattrs in the socket's security struct, Paul Moore
- [RFC PATCH v6 14/16] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts, Paul Moore
- [RFC PATCH v6 15/16] cipso: Add support for native local labeling and fixup mapping names, Paul Moore
  - Re: [RFC PATCH v6 15/16] cipso: Add support for native local labeling and fixup mapping names, James Morris
    - Re: [RFC PATCH v6 15/16] cipso: Add support for native local labeling and fixup mapping names, Paul Moore
      - Re: [RFC PATCH v6 15/16] cipso: Add support for native local labeling and fixup mapping names, James Morris
        
        Re: [RFC PATCH v6 15/16] cipso: Add support for native local labeling and fixup mapping names, Paul Moore
- [RFC PATCH v6 09/16] netlabel: Add a generic way to create ordered linked lists of network addrs, Paul Moore
  - Re: [RFC PATCH v6 09/16] netlabel: Add a generic way to create ordered linked lists of network addrs, James Morris
- [RFC PATCH v6 16/16] netlabel: Add configuration support for local labeling, Paul Moore
  - Re: [RFC PATCH v6 16/16] netlabel: Add configuration support for local labeling, James Morris
    - Re: [RFC PATCH v6 16/16] netlabel: Add configuration support for local labeling, Paul Moore
- Re: [RFC PATCH v6 00/16] Labeled networking patches for 2.6.28, Paul Moore
  - Re: [RFC PATCH v6 00/16] Labeled networking patches for 2.6.28, Casey Schaufler
- Re: [RFC PATCH v6 00/16] Labeled networking patches for 2.6.28, James Morris
  - Re: [RFC PATCH v6 00/16] Labeled networking patches for 2.6.28, Paul Moore
    - Re: [RFC PATCH v6 00/16] Labeled networking patches for 2.6.28, James Morris
[RFC] Labeled NFS Take 2, David P. Quigley
- [PATCH 08/14] NFS: Add security_label text mount option and handling code to NFS, David P. Quigley
- [PATCH 01/14] VFS: Factor out part of vfs_setxattr so it can be called from the SELinux hook for inode_setsecctx., David P. Quigley
- [PATCH 03/14] Security: Add hook to calculate context based on a negative dentry., David P. Quigley
- [PATCH 14/14] NFSD: Server implementation of MAC Labeling, David P. Quigley
- [PATCH 10/14] NFSv4: Introduce new label structure, David P. Quigley
- [PATCH 07/14] NFSv4: Add label recommended attribute and NFSv4 flags, David P. Quigley
- [PATCH 09/14] NFS: Introduce lifecycle management for label attribute., David P. Quigley
- [PATCH 05/14] SELinux: Add new labeling type native labels, David P. Quigley
- [PATCH 13/14] NFS: Extend NFS xattr handlers to accept the security namespace, David P. Quigley
- [PATCH 12/14] NFS: Client implementation of Labeled-NFS, David P. Quigley
- [PATCH 11/14] NFS/RPC: Add the auth_seclabel security flavor to allow the process label to be sent to the server., David P. Quigley
- [PATCH 04/14] Security: Add Hook to test if the particular xattr is part of a MAC model., David P. Quigley
  - Re: [PATCH 04/14] Security: Add Hook to test if the particular xattr is part of a MAC model., Casey Schaufler
- [PATCH 02/14] LSM/SELinux: inode_{get,set,notify}secctx hooks to access LSM security context information., David P. Quigley
- [PATCH 06/14] KConfig: Add KConfig entries for Labeled NFS, David P. Quigley
Security systems patch review for 2.6.28, James Morris
- [PATCH] make selinux_write_opts() static, James Morris
  - [PATCH] SELinux: Trivial minor fixes that change C null character style, James Morris
    - [PATCH] SELinux: trivial, remove unneeded local variable, James Morris
      - [PATCH] SELinux: Fix a potentially uninitialised variable in SELinux hooks, James Morris
        
        [PATCH] smack: limit privilege by label, James Morris
        
        [PATCH] selinux: conditional expression type validation was off-by-one, James Morris
        
        [PATCH] selinux: Unify for- and while-loop style, James Morris
        
        [PATCH] security: add/fix security kernel-doc, James Morris
        
        [PATCH] selinux: add support for installing a dummy policy (v2), James Morris
        
        [PATCH] securityfs: do not depend on CONFIG_SECURITY, James Morris
        
        [PATCH] SELinux: add boundary support and thread context assignment, James Morris
        
        [PATCH] SELinux: add gitignore file for mdp script, James Morris
        
        Re: [PATCH] SELinux: add gitignore file for mdp script, Serge E. Hallyn
        
        Re: [PATCH] SELinux: Fix a potentially uninitialised variable in SELinux hooks, Paul Moore
[RFC PATCH v5 00/14] Labeled networking patches for 2.6.28, Paul Moore
- [RFC PATCH v5 01/14] netlabel: Remove unneeded in-kernel API functions, Paul Moore
- [RFC PATCH v5 02/14] selinux: Better local/forward check in selinux_ip_postroute(), Paul Moore
- [RFC PATCH v5 03/14] selinux: Fix a problem in security_netlbl_sid_to_secattr(), Paul Moore
- [RFC PATCH v5 04/14] selinux: Fix missing calls to netlbl_skbuff_err(), Paul Moore
- [RFC PATCH v5 05/14] smack: Fix missing calls to netlbl_skbuff_err(), Paul Moore
  - Re: [RFC PATCH v5 05/14] smack: Fix missing calls to netlbl_skbuff_err(), Casey Schaufler
- [RFC PATCH v5 06/14] netlabel: Replace protocol/NetLabel linking with refrerence counts, Paul Moore
- [RFC PATCH v5 07/14] netlabel: Add a generic way to create ordered linked lists of network addrs, Paul Moore
- [RFC PATCH v5 08/14] netlabel: Add network address selectors to the NetLabel/LSM domain mapping, Paul Moore
- [RFC PATCH v5 11/14] selinux: Cache NetLabel secattrs in the socket's security struct, Paul Moore
- [RFC PATCH v5 12/14] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts, Paul Moore
- [RFC PATCH v5 09/14] netlabel: Add functionality to set the security attributes of a packet, Paul Moore
- [RFC PATCH v5 14/14] netlabel: Add configuration support for local labeling, Paul Moore
- [RFC PATCH v5 13/14] cipso: Add support for native local labeling and fixup mapping names, Paul Moore
- [RFC PATCH v5 10/14] selinux: Set socket NetLabel based on connection endpoint, Paul Moore
[RFC PATCH v4 00/14] Labeled networking patches for 2.6.28, Paul Moore
- [RFC PATCH v4 01/14] netlabel: Remove unneeded in-kernel API functions, Paul Moore
- [RFC PATCH v4 02/14] selinux: Better local/forward check in selinux_ip_postroute(), Paul Moore
  - Re: [RFC PATCH v4 02/14] selinux: Better local/forward check in selinux_ip_postroute(), James Morris
    - Re: [RFC PATCH v4 02/14] selinux: Better local/forward check in selinux_ip_postroute(), Paul Moore
- [RFC PATCH v4 03/14] selinux: Fix a problem in security_netlbl_sid_to_secattr(), Paul Moore
  - Re: [RFC PATCH v4 03/14] selinux: Fix a problem in security_netlbl_sid_to_secattr(), James Morris
- [RFC PATCH v4 04/14] selinux: Fix missing calls to netlbl_skbuff_err(), Paul Moore
  - Re: [RFC PATCH v4 04/14] selinux: Fix missing calls to netlbl_skbuff_err(), James Morris
- [RFC PATCH v4 05/14] smack: Fix missing calls to netlbl_skbuff_err(), Paul Moore
- [RFC PATCH v4 06/14] netlabel: Replace protocol/NetLabel linking with refrerence counts, Paul Moore
- [RFC PATCH v4 07/14] netlabel: Add a generic way to create ordered linked lists of network addrs, Paul Moore
- [RFC PATCH v4 08/14] netlabel: Add network address selectors to the NetLabel/LSM domain mapping, Paul Moore
- [RFC PATCH v4 09/14] netlabel: Add functionality to set the security attributes of a packet, Paul Moore
  - Re: [RFC PATCH v4 09/14] netlabel: Add functionality to set the security attributes of a packet, James Morris
- [RFC PATCH v4 10/14] selinux: Set socket NetLabel based on connection endpoint, Paul Moore
  - Re: [RFC PATCH v4 10/14] selinux: Set socket NetLabel based on connection endpoint, James Morris
- [RFC PATCH v4 11/14] selinux: Cache NetLabel secattrs in the socket's security struct, Paul Moore
  - Re: [RFC PATCH v4 11/14] selinux: Cache NetLabel secattrs in the socket's security struct, James Morris
- [RFC PATCH v4 12/14] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts, Paul Moore
  - Re: [RFC PATCH v4 12/14] netlabel: Changes to the NetLabel security attributes to allow LSMs to pass full contexts, James Morris
- [RFC PATCH v4 14/14] netlabel: Add configuration support for local labeling, Paul Moore
- [RFC PATCH v4 13/14] cipso: Add support for native local labeling and fixup mapping names, Paul Moore
- Re: [RFC PATCH v4 00/14] Labeled networking patches for 2.6.28, Casey Schaufler
- Re: [RFC PATCH v4 00/14] Labeled networking patches for 2.6.28, Paul Moore
  - Re: [RFC PATCH v4 00/14] Labeled networking patches for 2.6.28, Paul Moore
[PATCH 00/59] Introduce credentials, David Howells
- [PATCH 02/59] CRED: Wrap task credential accesses in the MIPS arch, David Howells

[Home] [Fedora Users] [Red Hat Install] [Red Hat Watch List] [Red Hat Sound] [Red Hat Development] [Linux Kernel]