linux-security-module
Thread
Date
Earlier messages
Later messages
Messages by Thread
Re: [PATCH v2 1/2] crypto: KEYS: convert public key to the akcipher api
Herbert Xu
Re: [PATCH v2 1/2] crypto: KEYS: convert public key to the akcipher api
Tadeusz Struk
Re: [PATCH v2 1/2] crypto: KEYS: convert public key to the akcipher api
Herbert Xu
Re: [PATCH v2 1/2] crypto: KEYS: convert public key to the akcipher api
Tadeusz Struk
[PATCH v2 2/2] integrity: convert digsig to akcipher api
Tadeusz Struk
Re: [PATCH v2 2/2] integrity: convert digsig to akcipher api
Mimi Zohar
Re: [PATCH v2 2/2] integrity: convert digsig to akcipher api
Tadeusz Struk
Exposing secid to secctx mapping to user-space
Daniel Cashman
Re: Exposing secid to secctx mapping to user-space
Paul Moore
RE: Exposing secid to secctx mapping to user-space
Roberts, William C
Re: Exposing secid to secctx mapping to user-space
Stephen Smalley
Re: Exposing secid to secctx mapping to user-space
Casey Schaufler
Re: Exposing secid to secctx mapping to user-space
Paul Moore
Re: Exposing secid to secctx mapping to user-space
Mike Palmiotto
Re: Exposing secid to secctx mapping to user-space
Casey Schaufler
Re: Exposing secid to secctx mapping to user-space
Stephen Smalley
Re: Exposing secid to secctx mapping to user-space
Casey Schaufler
RE: Exposing secid to secctx mapping to user-space
Roberts, William C
Re: Exposing secid to secctx mapping to user-space
Stephen Smalley
RE: Exposing secid to secctx mapping to user-space
Roberts, William C
Re: Exposing secid to secctx mapping to user-space
Stephen Smalley
Re: Exposing secid to secctx mapping to user-space
Casey Schaufler
Re: Exposing secid to secctx mapping to user-space
Stephen Smalley
Re: Exposing secid to secctx mapping to user-space
Casey Schaufler
Re: Exposing secid to secctx mapping to user-space
Joe Nall
Re: Exposing secid to secctx mapping to user-space
Stephen Smalley
Re: Exposing secid to secctx mapping to user-space
Joe Nall
Re: Exposing secid to secctx mapping to user-space
Paul Moore
Re: Exposing secid to secctx mapping to user-space
Daniel Cashman
Re: Exposing secid to secctx mapping to user-space
Paul Moore
Re: Exposing secid to secctx mapping to user-space
Casey Schaufler
[RFC PATCH] VFS: Remove security module inode blob allocation overhead - unmundged
Casey Schaufler
[RFC PATCH] VFS: Remove security module inode blob allocation overhead
Casey Schaufler
[PATCH 0/2] crypto: KEYS: convert public key to akcipher api
Tadeusz Struk
[PATCH 2/2] integrity: convert digsig to akcipher api
Tadeusz Struk
[PATCH 1/2] crypto: KEYS: convert public key to the akcipher api
Tadeusz Struk
Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api
Mimi Zohar
Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api
Tadeusz Struk
Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api
Mimi Zohar
Re: [PATCH 0/2] crypto: KEYS: convert public key to akcipher api
Mimi Zohar
[PATCH 0/2] security: clarify that some code is really non-modular
Paul Gortmaker
[PATCH 1/2] security/keys: make big_key.c explicitly non-modular
Paul Gortmaker
[PATCH 2/2] security/integrity: make ima/ima_mok.c explicitly non-modular
Paul Gortmaker
Re: [PATCH 2/2] security/integrity: make ima/ima_mok.c explicitly non-modular
Mimi Zohar
Re: [PATCH 0/2] security: clarify that some code is really non-modular
David Howells
Update
robert
[PATCH v1 0/7] ima: measuring/appraising files read by the kernel
Mimi Zohar
[PATCH v1 3/7] ima: load policy using path
Mimi Zohar
Re: [PATCH v1 3/7] ima: load policy using path
Luis R. Rodriguez
Re: [PATCH v1 3/7] ima: load policy using path
Luis R. Rodriguez
[PATCH v1 1/7] ima: update appraise flags after policy update completes
Mimi Zohar
Re: [PATCH v1 1/7] ima: update appraise flags after policy update completes
Petko Manolov
Re: [PATCH v1 1/7] ima: update appraise flags after policy update completes
Mimi Zohar
[PATCH v1 2/7] ima: separate 'security.ima' reading functionality from collect
Mimi Zohar
[PATCH v1 4/7] ima: measure and appraise kexec image and initramfs
Mimi Zohar
Re: [PATCH v1 4/7] ima: measure and appraise kexec image and initramfs
Vivek Goyal
Re: [PATCH v1 4/7] ima: measure and appraise kexec image and initramfs
Mimi Zohar
Re: [PATCH v1 4/7] ima: measure and appraise kexec image and initramfs
Dave Young
Re: [PATCH v1 4/7] ima: measure and appraise kexec image and initramfs
Mimi Zohar
Re: [PATCH v1 4/7] ima: measure and appraise kexec image and initramfs
Luis R. Rodriguez
[PATCH v1 5/7] ima: measure and appraise firmware (improvement)
Mimi Zohar
Re: [PATCH v1 5/7] ima: measure and appraise firmware (improvement)
Luis R. Rodriguez
Re: [PATCH v1 5/7] ima: measure and appraise firmware (improvement)
Mimi Zohar
Re: [PATCH v1 5/7] ima: measure and appraise firmware (improvement)
Luis R. Rodriguez
Re: [PATCH v1 5/7] ima: measure and appraise firmware (improvement)
Mimi Zohar
[PATCH v1 6/7] ima: measure and appraise the IMA policy itself
Mimi Zohar
Re: [PATCH v1 6/7] ima: measure and appraise the IMA policy itself
Luis R. Rodriguez
Re: [PATCH v1 6/7] ima: measure and appraise the IMA policy itself
Mimi Zohar
Re: [PATCH v1 6/7] ima: measure and appraise the IMA policy itself
Luis R. Rodriguez
[PATCH v1 7/7] ima: require signed IMA policy
Mimi Zohar
Re: [PATCH v1 7/7] ima: require signed IMA policy
Petko Manolov
Re: [PATCH v1 7/7] ima: require signed IMA policy
Mimi Zohar
[PATCH v2 00/19] Support fuse mounts in user namespaces
Seth Forshee
[PATCH v2 13/18] fs: Allow superblock owner to access do_remount_sb()
Seth Forshee
[PATCH v2 17/18] fuse: Restrict allow_other to the superblock's namespace or a descendant
Seth Forshee
[PATCH v2 16/18] fuse: Support fuse filesystems outside of init_user_ns
Seth Forshee
[PATCH v2 18/18] fuse: Allow user namespace mounts
Seth Forshee
[PATCH v2 14/18] capabilities: Allow privileged user in s_user_ns to set security.* xattrs
Seth Forshee
[PATCH v2 15/18] fuse: Add support for pid namespaces
Seth Forshee
[PATCH v2 12/18] fs: Don't remove suid for CAP_FSETID in s_user_ns
Seth Forshee
[PATCH v2 09/18] fs: Refuse uid/gid changes which don't map into s_user_ns
Seth Forshee
[PATCH v2 10/18] fs: Update posix_acl support to handle user namespace mounts
Seth Forshee
[PATCH v2 07/18] fs: Check for invalid i_uid in may_follow_link()
Seth Forshee
[PATCH v2 08/18] cred: Reject inodes with invalid ids in set_create_file_as()
Seth Forshee
[PATCH v2 11/18] fs: Ensure the mounter of a filesystem is privileged towards its inodes
Seth Forshee
[PATCH v2 05/18] userns: Replace in_userns with current_in_userns
Seth Forshee
[PATCH v2 06/18] Smack: Handle labels consistently in untrusted mounts
Seth Forshee
[PATCH v2 04/18] selinux: Add support for unprivileged mounts from user namespaces
Seth Forshee
[PATCH v2 03/18] fs: Treat foreign mounts as nosuid
Seth Forshee
[PATCH v2 01/18] block_dev: Support checking inode permissions in lookup_bdev()
Seth Forshee
[PATCH v2 02/18] block_dev: Check permissions towards block device inode when mounting
Seth Forshee
[PATCH v1 1/1] selinux: use absolute path to include directory
Andy Shevchenko
[PATCH 00/19] Support fuse mounts in user namespaces
Seth Forshee
[PATCH 04/19] selinux: Add support for unprivileged mounts from user namespaces
Seth Forshee
[PATCH 15/19] capabilities: Allow privileged user in s_user_ns to set file caps
Seth Forshee
Re: [PATCH 15/19] capabilities: Allow privileged user in s_user_ns to set file caps
Serge E. Hallyn
Re: [PATCH 15/19] capabilities: Allow privileged user in s_user_ns to set file caps
Seth Forshee
Re: [PATCH 15/19] capabilities: Allow privileged user in s_user_ns to set file caps
Serge E. Hallyn
[PATCH 19/19] fuse: Allow user namespace mounts
Seth Forshee
[PATCH 18/19] fuse: Restrict allow_other to the superblock's namespace or a descendant
Seth Forshee
Re: [PATCH 18/19] fuse: Restrict allow_other to the superblock's namespace or a descendant
Serge E. Hallyn
Re: [PATCH 18/19] fuse: Restrict allow_other to the superblock's namespace or a descendant
Seth Forshee
Re: [PATCH 18/19] fuse: Restrict allow_other to the superblock's namespace or a descendant
Serge E. Hallyn
[PATCH 16/19] fuse: Add support for pid namespaces
Seth Forshee
[PATCH 17/19] fuse: Support fuse filesystems outside of init_user_ns
Seth Forshee
Re: [PATCH 17/19] fuse: Support fuse filesystems outside of init_user_ns
Seth Forshee
Re: [PATCH 17/19] fuse: Support fuse filesystems outside of init_user_ns
Serge E. Hallyn
Re: [PATCH 17/19] fuse: Support fuse filesystems outside of init_user_ns
Seth Forshee
Re: [PATCH 17/19] fuse: Support fuse filesystems outside of init_user_ns
Serge E. Hallyn
[PATCH 11/19] fs: Ensure the mounter of a filesystem is privileged towards its inodes
Seth Forshee
Re: [PATCH 11/19] fs: Ensure the mounter of a filesystem is privileged towards its inodes
Serge E. Hallyn
[PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Seth Forshee
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Serge E. Hallyn
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Theodore Ts'o
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Serge E. Hallyn
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Seth Forshee
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Theodore Ts'o
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Serge E. Hallyn
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Seth Forshee
Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
Andreas Dilger
[PATCH 08/19] cred: Reject inodes with invalid ids in set_create_file_as()
Seth Forshee
Re: [PATCH 08/19] cred: Reject inodes with invalid ids in set_create_file_as()
Serge E. Hallyn
[PATCH 09/19] fs: Refuse uid/gid changes which don't map into s_user_ns
Seth Forshee
Re: [PATCH 09/19] fs: Refuse uid/gid changes which don't map into s_user_ns
Serge E. Hallyn
Re: [PATCH 09/19] fs: Refuse uid/gid changes which don't map into s_user_ns
Seth Forshee
Re: [PATCH 09/19] fs: Refuse uid/gid changes which don't map into s_user_ns
Serge E. Hallyn
[PATCH 12/19] fs: Don't remove suid for CAP_FSETID in s_user_ns
Seth Forshee
Re: [PATCH 12/19] fs: Don't remove suid for CAP_FSETID in s_user_ns
Serge E. Hallyn
[PATCH 10/19] fs: Update posix_acl support to handle user namespace mounts
Seth Forshee
Re: [PATCH 10/19] fs: Update posix_acl support to handle user namespace mounts
Serge E. Hallyn
[PATCH 13/19] fs: Allow superblock owner to access do_remount_sb()
Seth Forshee
Re: [PATCH 13/19] fs: Allow superblock owner to access do_remount_sb()
Serge E. Hallyn
[PATCH 06/19] Smack: Handle labels consistently in untrusted mounts
Seth Forshee
[PATCH 02/19] block_dev: Check permissions towards block device inode when mounting
Seth Forshee
Re: [PATCH 02/19] block_dev: Check permissions towards block device inode when mounting
Serge E. Hallyn
[PATCH 03/19] fs: Treat foreign mounts as nosuid
Seth Forshee
Re: [PATCH 03/19] fs: Treat foreign mounts as nosuid
Serge E. Hallyn
[PATCH 01/19] block_dev: Support checking inode permissions in lookup_bdev()
Seth Forshee
Re: [PATCH 01/19] block_dev: Support checking inode permissions in lookup_bdev()
Serge E. Hallyn
[PATCH 07/19] fs: Check for invalid i_uid in may_follow_link()
Seth Forshee
Re: [PATCH 07/19] fs: Check for invalid i_uid in may_follow_link()
Serge E. Hallyn
[PATCH 05/19] userns: Replace in_userns with current_in_userns
Seth Forshee
Re: [PATCH 05/19] userns: Replace in_userns with current_in_userns
Serge E. Hallyn
[PATCH v6 0/3] IMA policy read/write and new IMA keyrings;
Petko Manolov
[PATCH v6 2/3] Create IMA machine owner and blacklist keyrings;
Petko Manolov
[PATCH v6 1/3] IMA policy can now be updated multiple times.
Petko Manolov
[PATCH v6 3/3] Allows reading back the current IMA policy.
Petko Manolov
Re: [PATCH v6 0/3] IMA policy read/write and new IMA keyrings;
Mimi Zohar
keyring timestamps
Petko Manolov
Re: keyring timestamps
Mimi Zohar
Re: keyring timestamps
David Howells
Re: keyring timestamps
Petko Manolov
Re: keyring timestamps
Mark D. Baushke
[PATCH] X.509: Fix leap year handling again and support leap seconds
David Howells
Re: [PATCH] X.509: Fix leap year handling again and support leap seconds
Rudolf Polzer
Re: [PATCH] X.509: Fix leap year handling again and support leap seconds
David Howells
Re: [PATCH] X.509: Fix leap year handling again and support leap seconds
David Howells
Re: [PATCH] X.509: Fix leap year handling again and support leap seconds
David Howells
Re: [PATCH] X.509: Fix leap year handling again and support leap seconds
Rudolf Polzer
[PATCH RFC] Introduce new security.nscapability xattr
Serge E. Hallyn
Re: [PATCH RFC] Introduce new security.nscapability xattr
Eric W. Biederman
Re: [PATCH RFC] Introduce new security.nscapability xattr
Serge E. Hallyn
Re: [PATCH RFC] Introduce new security.nscapability xattr
Serge E. Hallyn
[PATCH] evm: EVM_LOAD_X509 depends on EVM
Arnd Bergmann
Re: [PATCH] evm: EVM_LOAD_X509 depends on EVM
Mimi Zohar
[GIT PULL] SELinux fixes for 4.4 (#1)
Paul Moore
[GIT PULL] security: KEYS: Fix handling of stored error in a negatively instantiated user key
James Morris
[GIT PULL] security: updated fixes for 4.4
James Morris
Re: [GIT PULL] security: KEYS: Fix handling of stored error in a negatively instantiated user key
Josh Boyer
[PATCH] KEYS: Fix handling of stored error in a negatively instantiated user key
David Howells
Re: [PATCH] KEYS: Fix handling of stored error in a negatively instantiated user key
David Howells
Re: [PATCH] KEYS: Fix handling of stored error in a negatively instantiated user key
James Morris
Re: [PATCH] KEYS: Fix handling of stored error in a negatively instantiated user key
David Howells
[PATCH 2/2] KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert
Mehmet Kayaalp
[PATCH 1/2] KEYS: Reserve an extra certificate symbol for inserting without recompiling
Mehmet Kayaalp
Re: [PATCH 1/2] KEYS: Reserve an extra certificate symbol for inserting without recompiling
Mimi Zohar
Re: [PATCH 1/2] KEYS: Reserve an extra certificate symbol for inserting without recompiling
David Howells
Re: [PATCH 1/2] KEYS: Reserve an extra certificate symbol for inserting without recompiling
Mehmet Kayaalp
[PATCH 0/5] ima: measuring/appraising files read by the kernel
Mimi Zohar
[PATCH 3/5] ima: ignore the kexec cache status
Mimi Zohar
[PATCH 2/5] ima: measure and appraise kexec image
Mimi Zohar
[PATCH 4/5] ima: measure/appraise the initramfs being kexec'ed
Mimi Zohar
[PATCH 5/5] ima: read firmware only once
Mimi Zohar
[PATCH 1/5] ima: separate 'security.ima' reading functionality from collect
Mimi Zohar
[RFC PATCH] audit: force seccomp event logging to honor the audit_enabled flag
Paul Moore
Re: [RFC PATCH] audit: force seccomp event logging to honor the audit_enabled flag
Tony Jones
Re: [RFC PATCH] audit: force seccomp event logging to honor the audit_enabled flag
Paul Moore
Re: [RFC PATCH] audit: force seccomp event logging to honor the audit_enabled flag
Paul Moore
Security next tree synced to v4.4-rc2
James Morris
Re: Security next tree synced to v4.4-rc2
Casey Schaufler
ANN: Experimental Fedora Rawhide kernels (selinux-next and audit-next)
Paul Moore
[RFC] KEYS: Exposing {a,}symmetric key ops to userspace and other bits
David Howells
Re: [RFC] KEYS: Exposing {a,}symmetric key ops to userspace and other bits
Mimi Zohar
Re: [RFC] KEYS: Exposing {a,}symmetric key ops to userspace and other bits
Mimi Zohar
[RFC] readlink()-related oddities
Al Viro
Re: [RFC] readlink()-related oddities
Linus Torvalds
Re: [RFC] readlink()-related oddities
Al Viro
Re: [RFC] readlink()-related oddities
Linus Torvalds
Re: [RFC] readlink()-related oddities
Linus Torvalds
Re: [RFC] readlink()-related oddities
Al Viro
Earlier messages
Later messages