John Johansen 0421ea91dd apparmor: Fix change_onexec when called from a confined task ... Fix failure in aa_change_onexec api when the request is made from a confined task. This failure was caused by two problems The AA_MAY_ONEXEC perm was not being mapped correctly for this case. The executable name was being checked as second time instead of using the requested onexec profile name, which may not be the same as the exec profile name. This mistake can not be exploited to grant extra permission because of the above flaw where the ONEXEC permission was not being mapped so it will not be granted. BugLink: http://bugs.launchpad.net/bugs/963756 Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <james.l.morris@oracle.com>		2012-03-28 01:00:05 +11:00
..
apparmor	apparmor: Fix change_onexec when called from a confined task	2012-03-28 01:00:05 +11:00
integrity	security: fix ima kconfig warning	2012-02-28 11:01:15 +11:00
keys	usermodehelper: kill umh_wait, renumber UMH_* constants	2012-03-23 16:58:41 -07:00
selinux	security: optimize avc_audit() common path	2012-03-22 17:01:41 -07:00
smack	security: trim security.h	2012-02-14 10:45:42 +11:00
tomoyo	usermodehelper: use UMH_WAIT_PROC consistently	2012-03-23 16:58:41 -07:00
yama	Yama: add PR_SET_PTRACER_ANY	2012-02-16 10:25:18 +11:00
Kconfig	security: Yama LSM	2012-02-10 09:18:52 +11:00
Makefile	security: Yama LSM	2012-02-10 09:18:52 +11:00
capability.c	security: create task_free security callback	2012-02-10 09:14:51 +11:00
commoncap.c	security: trim security.h	2012-02-14 10:45:42 +11:00
device_cgroup.c	cgroup: remove cgroup_subsys argument from callbacks	2012-02-02 09:20:22 -08:00
inode.c	securityfs: fix object creation races	2012-01-10 10:20:35 -05:00
lsm_audit.c	switch unix_sock to struct path	2012-03-20 21:29:41 -04:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	security: trim security.h	2012-02-14 10:45:42 +11:00