Searched hist:"192 ca6b5" (Results 1 – 4 of 4) sorted by relevance
/openbmc/linux/security/apparmor/include/ |
H A D | file.h | 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec
Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked.
Signed-off-by: John Johansen <john.johansen@canonical.com> 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked. Signed-off-by: John Johansen <john.johansen@canonical.com>
|
H A D | audit.h | 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec
Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked.
Signed-off-by: John Johansen <john.johansen@canonical.com> 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked. Signed-off-by: John Johansen <john.johansen@canonical.com>
|
/openbmc/linux/security/apparmor/ |
H A D | file.c | 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec
Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked.
Signed-off-by: John Johansen <john.johansen@canonical.com> 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked. Signed-off-by: John Johansen <john.johansen@canonical.com>
|
H A D | lsm.c | 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec
Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked.
Signed-off-by: John Johansen <john.johansen@canonical.com> 192ca6b5 Fri Jun 09 13:58:42 CDT 2017 John Johansen <john.johansen@canonical.com> apparmor: revalidate files during exec Instead of running file revalidation lazily when read/write are called copy selinux and revalidate the file table on exec. This avoids extra mediation overhead in read/write and also prevents file handles being passed through to a grand child unchecked. Signed-off-by: John Johansen <john.johansen@canonical.com>
|