tmp_suning_uos_patched/security
Stephen Smalley abc69bb633 SELinux: enable processes with mac_admin to get the raw inode contexts
Enable processes with CAP_MAC_ADMIN + mac_admin permission in policy
to get undefined contexts on inodes.  This extends the support for
deferred mapping of security contexts in order to permit restorecon
and similar programs to see the raw file contexts unknown to the
system policy in order to check them.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
2008-07-14 15:01:52 +10:00
..
keys keys: remove unused key_alloc_sem 2008-06-06 11:29:11 -07:00
selinux SELinux: enable processes with mac_admin to get the raw inode contexts 2008-07-14 15:01:52 +10:00
smack Security: split proc ptrace checking into read vs. attach 2008-07-14 15:01:47 +10:00
capability.c capabilities: implement per-process securebits 2008-04-28 08:58:26 -07:00
commoncap.c Security: split proc ptrace checking into read vs. attach 2008-07-14 15:01:47 +10:00
device_cgroup.c devcgroup: fix permission check when adding entry to child cgroup 2008-07-13 12:51:18 -07:00
dummy.c Security: split proc ptrace checking into read vs. attach 2008-07-14 15:01:47 +10:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
Kconfig security: enhance DEFAULT_MMAP_MIN_ADDR description 2008-04-18 20:26:18 +10:00
Makefile cgroups: implement device whitelist 2008-04-29 08:06:09 -07:00
root_plug.c root_plug: use cap_task_prctl 2008-04-28 08:58:27 -07:00
security.c Security: split proc ptrace checking into read vs. attach 2008-07-14 15:01:47 +10:00