David Howells 3bcac0263f SELinux: Don't flush inherited SIGKILL during execve() ... Don't flush inherited SIGKILL during execve() in SELinux's post cred commit hook. This isn't really a security problem: if the SIGKILL came before the credentials were changed, then we were right to receive it at the time, and should honour it; if it came after the creds were changed, then we definitely should honour it; and in any case, all that will happen is that the process will be scrapped before it ever returns to userspace. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>		2009-04-30 09:07:13 +10:00
..
integrity/ima	integrity: ima iint radix_tree_lookup locking fix	2009-02-23 09:54:53 +11:00
keys	keys: make procfiles per-user-namespace	2009-02-27 12:35:15 +11:00
selinux	SELinux: Don't flush inherited SIGKILL during execve()	2009-04-30 09:07:13 +10:00
smack	smack: implement logging V3	2009-04-14 09:00:23 +10:00
tomoyo	tomoyo: remove "undelete domain" command.	2009-04-07 08:17:43 +10:00
Kconfig	Kconfig and Makefile	2009-02-12 15:19:00 +11:00
Makefile	smack: implement logging V3	2009-04-14 09:00:23 +10:00
capability.c	lsm: Remove the socket_post_accept() hook	2009-03-28 15:01:37 +11:00
commoncap.c	don't raise all privs on setuid-root file with fE set (v2)	2009-04-03 11:49:31 +11:00
device_cgroup.c	devices cgroup: allow mkfifo	2009-01-08 08:31:03 -08:00
inode.c	Merge branch 'master' into next	2009-02-06 11:01:45 +11:00
lsm_audit.c	smack: implement logging V3	2009-04-14 09:00:19 +10:00
root_plug.c	Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]"	2009-01-07 09:21:54 +11:00
security.c	lsm: Remove the socket_post_accept() hook	2009-03-28 15:01:37 +11:00