Home
last modified time | relevance | path

Searched hist:"192 ca6b5" (Results 1 – 4 of 4) sorted by relevance

/openbmc/linux/security/apparmor/include/
H A Dfile.h192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
H A Daudit.h192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
/openbmc/linux/security/apparmor/
H A Dfile.c192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
H A Dlsm.c192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>
192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec

Instead of running file revalidation lazily when read/write are called
copy selinux and revalidate the file table on exec. This avoids
extra mediation overhead in read/write and also prevents file handles
being passed through to a grand child unchecked.

Signed-off-by: John Johansen <john.johansen@canonical.com>