linux/security
Stephen Smalley d313f94830 SELinux: detect dead booleans
Instead of using f_op to detect dead booleans, check the inode index
against the number of booleans and check the dentry name against the
boolean name for that index on reads and writes.  This prevents
incorrect use of a boolean file opened prior to a policy reload while
allowing valid use of it as long as it still corresponds to the same
boolean in the policy.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
2007-12-06 00:24:09 +11:00
..
keys KEYS: Make request_key() and co fundamentally asynchronous 2007-10-17 08:42:57 -07:00
selinux SELinux: detect dead booleans 2007-12-06 00:24:09 +11:00
capability.c Implement file posix capabilities 2007-10-17 08:43:07 -07:00
commoncap.c file capabilities: don't prevent signaling setuid root programs 2007-11-29 09:24:53 -08:00
dummy.c V3 file capabilities: alter behavior of cap_setpcap 2007-10-18 14:37:24 -07:00
inode.c security/ cleanups 2007-10-17 08:43:07 -07:00
Kconfig Implement file posix capabilities 2007-10-17 08:43:07 -07:00
Makefile
root_plug.c security: Convert LSM into a static interface 2007-10-17 08:43:07 -07:00
security.c security/ cleanups 2007-10-17 08:43:07 -07:00