Re: [RFC][PATCH] selinux: Introduce a policy capability and permission for NNP transitions

2017-07-11 Thread Paul Moore
On Mon, Jul 10, 2017 at 4:25 PM, Stephen Smalley wrote: > As systemd ramps up enabling NoNewPrivileges (either explicitly in > service unit files or as a side effect of other security-related > settings in service unit files), we're increasingly running afoul of > its

Re: [RFC][PATCH] selinux: Introduce a policy capability and permission for NNP transitions

2017-07-11 Thread Dominick Grift
On Tue, Jul 11, 2017 at 04:23:29PM -0400, Stephen Smalley wrote: > On Tue, 2017-07-11 at 22:10 +0200, Dominick Grift wrote: > > On Tue, Jul 11, 2017 at 10:05:36PM +0200, Dominick Grift wrote: > > > On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote: > > > > On Mon, 2017-07-10 at 16:25

Re: [RFC][PATCH] selinux: Introduce a policy capability and permission for NNP transitions

2017-07-11 Thread Stephen Smalley
On Tue, 2017-07-11 at 22:10 +0200, Dominick Grift wrote: > On Tue, Jul 11, 2017 at 10:05:36PM +0200, Dominick Grift wrote: > > On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote: > > > On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote: > > > > As systemd ramps up enabling

Re: [RFC][PATCH] selinux: Introduce a policy capability and permission for NNP transitions

2017-07-11 Thread Dominick Grift
On Tue, Jul 11, 2017 at 10:05:36PM +0200, Dominick Grift wrote: > On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote: > > On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote: > > > As systemd ramps up enabling NoNewPrivileges (either explicitly in > > > service unit files or as a

Re: [RFC][PATCH] selinux: Introduce a policy capability and permission for NNP transitions

2017-07-11 Thread Dominick Grift
On Tue, Jul 11, 2017 at 03:52:52PM -0400, Stephen Smalley wrote: > On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote: > > As systemd ramps up enabling NoNewPrivileges (either explicitly in > > service unit files or as a side effect of other security-related > > settings in service unit

Re: [RFC][PATCH] selinux: Introduce a policy capability and permission for NNP transitions

2017-07-11 Thread Stephen Smalley
On Mon, 2017-07-10 at 16:25 -0400, Stephen Smalley wrote: > As systemd ramps up enabling NoNewPrivileges (either explicitly in > service unit files or as a side effect of other security-related > settings in service unit files), we're increasingly running afoul of > its interactions with SELinux.
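An added example, not from the thread or from the kernel patch under discussion: C code that exercises the bit behind systemd's NoNewPrivileges=, which is the kernel's prctl(PR_SET_NO_NEW_PRIVS). It demonstrates the two properties that make the domain-transition question arise at all: the bit can be set but never cleared, and a forked child (and therefore anything it later execs) inherits it, so the kernel must decide at each execve whether an LSM domain change counts as a privilege gain; under SELinux at the time of this thread that decision was whether the new domain was bounded by the old one via typebounds, which is what the proposed policy capability and permission revisit. The block also parses the NoNewPrivs: line of /proc/PID/status (exported by Linux 4.10 and later), the quickest way to confirm whether a running service is actually under NNP rather than guessing from its unit file. Linux only; the function names and the sample status text are my own.

```c
/* Added example (not the thread's or the kernel's code): exercise the
 * no_new_privs bit that systemd's NoNewPrivileges= turns on.  Linux only. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/wait.h>

/* Set no_new_privs for the calling process.  Returns 0 on success, -1 on
 * error.  The bit is one-way: the API has no way to clear it again. */
int nnp_set(void)
{
    return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0);
}

/* Returns 1 if the bit is set on the caller, 0 if not, -1 on error. */
int nnp_get(void)
{
    return prctl(PR_GET_NO_NEW_PRIVS, 0, 0, 0, 0);
}

/* Parse /proc/PID/status text and return its NoNewPrivs value (0 or 1),
 * or -1 if the line is absent (kernels before 4.10) or malformed.
 * Kept separate from the file read so it can be unit-tested on sample text. */
int nnp_from_status(const char *status_text)
{
    const char *p = status_text;
    while (p && *p) {
        if (strncmp(p, "NoNewPrivs:", 11) == 0) {
            p += 11;
            while (*p == ' ' || *p == '\t')
                p++;
            if (*p == '0' || *p == '1')
                return *p - '0';
            return -1;
        }
        p = strchr(p, '\n');
        if (p)
            p++;
    }
    return -1;
}

/* Audit a running process (e.g. a service's MainPID): read its status file
 * and return the NoNewPrivs value, -1 if unreadable or not exported. */
int nnp_of_pid(pid_t pid)
{
    char path[64], buf[4096];
    size_t n;
    FILE *f;

    snprintf(path, sizeof path, "/proc/%d/status", (int)pid);
    f = fopen(path, "r");
    if (!f)
        return -1;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return nnp_from_status(buf);
}

/* Set the bit, fork, and report whether the child sees it too.  Returns 1
 * if the child inherited it, 0 if not, -1 on error.  Because the child keeps
 * the bit, any execve it performs is subject to the same NNP rules. */
int nnp_inherited_by_child(void)
{
    int status;
    pid_t pid;

    if (nnp_set() != 0)
        return -1;
    pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0)
        _exit(nnp_get() == 1 ? 0 : 1);
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void)
{
    printf("before: nnp=%d\n", nnp_get());
    printf("child inherits: %d\n", nnp_inherited_by_child());
    printf("after: nnp=%d (cannot be cleared)\n", nnp_get());
    printf("from /proc: %d\n", nnp_of_pid(getpid()));
    return 0;
}
```

Run it once as an unprivileged user: after nnp_inherited_by_child() the process reports nnp=1 and stays that way, and nnp_of_pid() on its own PID agrees on any kernel that exports the line. To audit a systemd service, pass the PID from systemctl show -p MainPID to nnp_of_pid(); a 1 there means every execve the service performs is subject to the NNP rules the patch in this thread is about, whether or not NoNewPrivileges= was written explicitly in the unit.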

Re: [PATCH v2 2/8] exec: Move security_bprm_secureexec() earlier

2017-07-11 Thread Kees Cook
On Mon, Jul 10, 2017 at 10:18 AM, Eric W. Biederman wrote: > Kees Cook writes: > >> On Mon, Jul 10, 2017 at 1:57 AM, Eric W. Biederman >> wrote: >>> Kees Cook writes: >>> There are several places