breeze/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-01-25 15:03:52 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2d9da9b188b8cd3b579d7ef5ba5d334be9dd38fc
linux/security/apparmor/include
History
John Johansen 2d9da9b188 apparmor: allow restricting unprivileged change_profile 
unprivileged unconfined can use change_profile to alter the confinement
set by the mac admin.

Allow restricting unprivileged unconfined by still allowing change_profile
but stacking the change against unconfined. This allows unconfined to
still apply system policy but allows the task to enter the new confinement.

If unprivileged unconfined is required a sysctl is provided to switch
to the previous behavior.

Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2023-10-18 15:48:44 -07:00
..
apparmor.h
apparmor: Fix undefined references to zstd_ symbols
2022-10-03 14:49:04 -07:00
apparmorfs.h
apparmor: make export of raw binary profile to userspace optional
2022-07-09 15:13:59 -07:00
audit.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
capability.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
cred.h
apparmor: Simplify obtain the newest label on a cred
2022-10-03 14:49:04 -07:00
crypto.h
domain.h
apparmor: extend permissions to support a label and tag string
2022-10-03 14:49:03 -07:00
file.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
ipc.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
label.h
apparmor: refactor profile rules and attachments
2022-10-03 14:49:04 -07:00
lib.h
apparmor: refcount the pdb
2023-10-18 15:30:47 -07:00
match.h
apparmor: refcount the pdb
2023-10-18 15:30:47 -07:00
mount.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
net.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
path.h
apparmor: allow label to carry debug flags
2022-07-19 02:55:45 -07:00
perms.h
apparmor: combine common_audit_data and apparmor_audit_data
2023-10-18 15:30:29 -07:00
policy_compat.h
apparmor: isolate policy backwards compatibility to its own file
2022-10-03 14:49:03 -07:00
policy_ns.h
apparmor: remove unused functions in policy_ns.c/.h
2023-10-15 21:44:31 -07:00
policy_unpack.h
Merge tag 'apparmor-pr-2022-12-14' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor
2022-12-14 13:42:09 -08:00
policy.h
apparmor: allow restricting unprivileged change_profile
2023-10-18 15:48:44 -07:00
procattr.h
resource.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00
secid.h
apparmor: disable showing the mode as part of a secid to secctx
2022-07-13 17:18:29 -07:00
sig_names.h
task.h
apparmor: pass cred through to audit info.
2023-10-18 15:30:38 -07:00