linux/security
Andrew G. Morgan 8cdbc2b982 capabilities: add (back) dummy support for KEEPCAPS
The dummy module is used by folk that run security conscious code(!?).  A
feature of such code (for example, dhclient) is that it tries to operate
with minimum privilege (dropping unneeded capabilities).  While the dummy
module doesn't restrict code execution based on capability state, the user
code expects the kernel to appear to support it.  This patch adds back
faked support for the PR_SET_KEEPCAPS etc., calls - making the kernel
behave as before 2.6.26.

For details see: http://bugzilla.kernel.org/show_bug.cgi?id=10748

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-06-12 18:05:40 -07:00
..
keys keys: remove unused key_alloc_sem 2008-06-06 11:29:11 -07:00
selinux [PATCH] split linux/file.h 2008-05-01 13:08:16 -04:00
smack Smack: fuse mount hang fix 2008-06-04 08:50:43 -07:00
capability.c
commoncap.c
device_cgroup.c devscgroup: make white list more compact in some cases 2008-06-06 11:29:11 -07:00
dummy.c capabilities: add (back) dummy support for KEEPCAPS 2008-06-12 18:05:40 -07:00
inode.c
Kconfig
Makefile
root_plug.c
security.c Security: Make secctx_to_secid() take const secdata 2008-04-30 08:23:51 +10:00