Re: [PATCH] X.509: Fix the time validation [ver #3]

2015-12-11 Thread David Howells
Greg Kroah-Hartman wrote: > David, any reason you didn't put a cc: stable in the commit for it to be > picked up in the stable releases? I did cc it to stable. David -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of

Re: Exposing secid to secctx mapping to user-space

2015-12-11 Thread Stephen Smalley
On 12/11/2015 02:55 PM, Paul Moore wrote: On Fri, Dec 11, 2015 at 1:37 PM, Daniel Cashman wrote: Hello, I would like to write a patch that would expose, via selinuxfs, the mapping between secids in the kernel and security contexts to user-space, but before doing so

Re: Exposing secid to secctx mapping to user-space

2015-12-11 Thread Casey Schaufler
On 12/11/2015 2:14 PM, Stephen Smalley wrote: > On 12/11/2015 02:55 PM, Paul Moore wrote: >> On Fri, Dec 11, 2015 at 1:37 PM, Daniel Cashman wrote: >>> Hello, >>> >>> I would like to write a patch that would expose, via selinuxfs, the >>> mapping between secids in the kernel

Re: Exposing secid to secctx mapping to user-space

2015-12-11 Thread Paul Moore
On Fri, Dec 11, 2015 at 1:37 PM, Daniel Cashman wrote: > Hello, > > I would like to write a patch that would expose, via selinuxfs, the > mapping between secids in the kernel and security contexts to > user-space, but before doing so wanted to get some feedback as to >

Re: [PATCH] X.509: Fix the time validation [ver #3]

2015-12-11 Thread Josh Boyer
On Fri, Dec 11, 2015 at 6:13 AM, David Howells wrote: > Greg Kroah-Hartman wrote: > >> David, any reason you didn't put a cc: stable in the commit for it to be >> picked up in the stable releases? > > I did cc it to stable. You had the stable

Re: [PATCH v3] capabilities.7, prctl.2: Document ambient capabilities

2015-12-11 Thread Michael Kerrisk (man-pages)
On 12/04/2015 05:12 PM, Andy Lutomirski wrote: > On Fri, Dec 4, 2015 at 7:08 AM, Michael Kerrisk (man-pages) > wrote: >> Hi Andy, >> >> I have applied your patch (below). Thanks for writing it. >> But I have a question or two and a request. >> >> === >> >> In the

Re: Exposing secid to secctx mapping to user-space

2015-12-11 Thread Casey Schaufler
On 12/11/2015 10:37 AM, Daniel Cashman wrote: > Hello, > > I would like to write a patch that would expose, via selinuxfs, the > mapping between secids in the kernel and security contexts to > user-space, but before doing so wanted to get some feedback as to > whether or not such an endeavor could

Re: [PATCH] X.509: Fix leap year handling again and support leap seconds

2015-12-11 Thread Rudolf Polzer
On Thu, Dec 10, 2015 at 9:40 AM, David Howells wrote: > David Howells wrote: > >> > the leap second support still looks a bit suspect, as mktime64 will convert >> > mm/dd/ HH/MM/60 and mm/dd/ HH/MM+1/00 to the same time64_t, >> > essentially

RE: Exposing secid to secctx mapping to user-space

2015-12-11 Thread Roberts, William C
> -Original Message- > From: owner-linux-security-mod...@vger.kernel.org [mailto:owner-linux- > security-mod...@vger.kernel.org] On Behalf Of Paul Moore > Sent: Friday, December 11, 2015 11:55 AM > To: Daniel Cashman > Cc: seli...@tycho.nsa.gov; Stephen Smalley

Exposing secid to secctx mapping to user-space

2015-12-11 Thread Daniel Cashman
Hello, I would like to write a patch that would expose, via selinuxfs, the mapping between secids in the kernel and security contexts to user-space, but before doing so wanted to get some feedback as to whether or not such an endeavor could have any support upstream. The direct motivation for