OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3bcac0263f
linux/security
History
David Howells 3bcac0263f SELinux: Don't flush inherited SIGKILL during execve() 
Don't flush inherited SIGKILL during execve() in SELinux's post cred commit
hook.  This isn't really a security problem: if the SIGKILL came before the
credentials were changed, then we were right to receive it at the time, and
should honour it; if it came after the creds were changed, then we definitely
should honour it; and in any case, all that will happen is that the process
will be scrapped before it ever returns to userspace.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-04-30 09:07:13 +10:00
..
integrity/ima integrity: ima iint radix_tree_lookup locking fix 2009-02-23 09:54:53 +11:00
keys keys: make procfiles per-user-namespace 2009-02-27 12:35:15 +11:00
selinux SELinux: Don't flush inherited SIGKILL during execve() 2009-04-30 09:07:13 +10:00
smack smack: implement logging V3 2009-04-14 09:00:23 +10:00
tomoyo tomoyo: remove "undelete domain" command. 2009-04-07 08:17:43 +10:00
capability.c lsm: Remove the socket_post_accept() hook 2009-03-28 15:01:37 +11:00
commoncap.c don't raise all privs on setuid-root file with fE set (v2) 2009-04-03 11:49:31 +11:00
device_cgroup.c devices cgroup: allow mkfifo 2009-01-08 08:31:03 -08:00
inode.c Merge branch 'master' into next 2009-02-06 11:01:45 +11:00
Kconfig Kconfig and Makefile 2009-02-12 15:19:00 +11:00
lsm_audit.c smack: implement logging V3 2009-04-14 09:00:19 +10:00
Makefile smack: implement logging V3 2009-04-14 09:00:23 +10:00
root_plug.c Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]" 2009-01-07 09:21:54 +11:00
security.c lsm: Remove the socket_post_accept() hook 2009-03-28 15:01:37 +11:00