linux/security
Harry Ciao 6f5317e730 SELinux: Socket retains creator role and MLS attribute
The socket SID would be computed on creation and no longer inherit
its creator's SID by default. Socket may have a different type but
needs to retain the creator's role and MLS attribute in order not
to break labeled networking and network access control.

The kernel value for a class would be used to determine if the class
if one of socket classes. If security_compute_sid is called from
userspace the policy value for a class would be mapped to the relevant
kernel value first.

Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
2011-03-03 15:19:43 -05:00
..
apparmor APPARMOR: Fix memory leak of apparmor_init() 2010-11-11 07:36:22 +11:00
integrity/ima ima: fix add LSM rule bug 2011-01-03 16:36:33 -08:00
keys Merge branch 'master' into next 2011-01-10 09:46:24 +11:00
selinux SELinux: Socket retains creator role and MLS attribute 2011-03-03 15:19:43 -05:00
smack fs/vfs/security: pass last path component to LSM on inode creation 2011-02-01 11:12:29 -05:00
tomoyo fs: dcache scale d_unhashed 2011-01-07 17:50:21 +11:00
capability.c security: remove unused security_sysctl hook 2011-02-01 11:54:02 -05:00
commoncap.c capabilities/syslog: open code cap_syslog logic to fix build failure 2010-11-15 15:40:01 -08:00
device_cgroup.c
inode.c convert get_sb_single() users 2010-10-29 04:16:28 -04:00
Kconfig keys: add new key-type encrypted 2010-11-29 08:55:29 +11:00
lsm_audit.c
Makefile AppArmor: Enable configuring and building of the AppArmor security module 2010-08-02 15:38:34 +10:00
min_addr.c
security.c security: remove unused security_sysctl hook 2011-02-01 11:54:02 -05:00