linux/security
Stephen Smalley db4c9641de [PATCH] selinux: fix and cleanup mprotect checks
Fix the SELinux mprotect checks on executable mappings so that they are not
re-applied when the mapping is already executable as well as cleaning up
the code.  This avoids a situation where e.g.  an application is prevented
from removing PROT_WRITE on an already executable mapping previously
authorized via execmem permission due to an execmod denial.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-02-01 08:53:18 -08:00
..
keys [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
selinux [PATCH] selinux: fix and cleanup mprotect checks 2006-02-01 08:53:18 -08:00
Kconfig [LSM-IPSec]: Security association restriction. 2006-01-03 13:10:24 -08:00
Makefile [PATCH] add securityfs for all LSMs to use 2005-07-08 18:48:41 -07:00
capability.c kbuild: un-stringnify KBUILD_MODNAME 2006-01-06 21:17:50 +01:00
commoncap.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
dummy.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00
inode.c [PATCH] mutex subsystem, semaphore to mutex: VFS, ->i_sem 2006-01-09 15:59:24 -08:00
root_plug.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
seclvl.c Don't try to "validate" a non-existing timeval. 2006-01-31 10:16:55 -08:00
security.c [PATCH] move capable() to capability.h 2006-01-11 18:42:13 -08:00