summaryrefslogtreecommitdiffstats
path: root/kernel/capability.c
Commit message (Expand)AuthorAgeFilesLines
* exec: Ensure mm->user_ns contains the execed filesEric W. Biederman2017-01-061-2/+14
* ptrace: Capture the ptracer's creds not PT_PTRACE_CAPEric W. Biederman2017-01-061-0/+20
* kernel: Add noaudit variant of ns_capable()Tyler Hicks2016-09-151-10/+36
* kernel: conditionally support non-root users, groups and capabilitiesIulia Manda2015-04-151-16/+19
* CAPABILITIES: remove undefined caps from all processesEric Paris2014-07-241-0/+4
* fs,userns: Change inode_capable to capable_wrt_inode_uidgidAndy Lutomirski2014-06-101-12/+8
* kernel/capability.c: code clean-upFabian Frederick2014-06-041-3/+3
* Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmo...Linus Torvalds2014-04-031-19/+10
|\
| * capability: Use current logging stylesJoe Perches2014-02-241-19/+10
* | audit: Simplify and correct audit_log_capsetEric W. Biederman2014-01-131-1/+1
|/
* Merge tag 'xfs-for-linus-v3.12-rc1' of git://oss.sgi.com/xfs/xfsLinus Torvalds2013-09-091-0/+1
|\
| * xfs: ioctl check for capabilities in the current user namespaceDwight Engen2013-08-151-0/+1
* | userns: Kill nsown_capable it makes the wrong thing easyEric W. Biederman2013-08-301-12/+0
|/
* Add file_ns_capable() helper function for open-time capability checkingLinus Torvalds2013-04-141-0/+24
* userns: Teach inode_capable to understand inodes whose uids map to other name...Eric W. Biederman2012-05-151-2/+4
* userns: Replace the hard to write inode_userns with inode_capable.Eric W. Biederman2012-04-071-0/+19
* Revert "capabitlies: ns_capable can use the cap helpers rather than lsm call"Linus Torvalds2012-01-171-1/+1
* Merge branch 'for-linus' of git://selinuxproject.org/~jmorris/linux-securityLinus Torvalds2012-01-141-34/+46
|\
| * capabilities: remove task_ns_* functionsEric Paris2012-01-051-14/+0
| * capabitlies: ns_capable can use the cap helpers rather than lsm callEric Paris2012-01-051-1/+1
| * capabilities: style only - move capable below ns_capableEric Paris2012-01-051-16/+16
| * capabilites: introduce new has_ns_capabilities_noauditEric Paris2012-01-051-5/+25
| * capabilities: call has_ns_capability from has_capabilityEric Paris2012-01-051-16/+10
| * capabilities: remove all _real_ interfacesEric Paris2012-01-051-3/+15
| * capabilities: reverse arguments to security_capableEric Paris2012-01-051-1/+1
* | kernel: Map most files to use export.h instead of module.hPaul Gortmaker2011-10-311-1/+1
|/
* Merge branch 'master' into nextJames Morris2011-05-191-0/+12
|\
| * Cache user_ns in struct credSerge E. Hallyn2011-05-131-0/+12
* | capabilities: delete unused cap_set_fullEric Paris2011-04-041-2/+0
* | capabilities: do not drop CAP_SETPCAP from the initial taskEric Paris2011-04-041-2/+0
|/
* userns: make has_capability* into real functionsSerge E. Hallyn2011-03-231-0/+54
* userns: security: make capabilities relative to the user namespaceSerge E. Hallyn2011-03-231-5/+37
* security: add cred argument to security_capable()Chris Wright2011-02-111-1/+1
* sched: Remove remaining USER_SCHED codeLi Zefan2010-04-021-1/+0
* capabilities: Use RCU to protect task lookup in sys_capgetThomas Gleixner2009-12-101-2/+2
* remove CONFIG_SECURITY_FILE_CAPABILITIES compile optionSerge E. Hallyn2009-11-241-2/+0
* Silence the existing API for capability version compatibility check.Andrew G. Morgan2009-11-241-2/+2
* capabilities: simplify bound checks for copy_from_user()Arjan van de Ven2009-10-141-3/+6
* [CVE-2009-0029] System call wrappers part 04Heiko Carstens2009-01-141-2/+2
* Merge branch 'next' into for-linusJames Morris2009-01-071-1/+1
|\
| * CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #3]David Howells2009-01-071-1/+1
| * Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() ...James Morris2009-01-071-1/+1
| * CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]David Howells2009-01-051-1/+1
* | sanitize audit_log_capset()Al Viro2009-01-041-3/+1
|/
* CRED: Inaugurate COW credentialsDavid Howells2008-11-141-54/+24
* CRED: Separate task security context from task_structDavid Howells2008-11-141-2/+2
* CRED: Neuter sys_capset()David Howells2008-11-141-204/+23
* Capabilities: BUG when an invalid capability is requestedEric Paris2008-11-111-0/+5
* When the capset syscall is used it is not possible for audit to record theEric Paris2008-11-111-0/+5
* file capabilities: add no_file_caps switch (v4)Serge E. Hallyn2008-11-061-0/+11