aha/security
Etienne Basset ecfcc53fef smack: implement logging V3
the following patch, add logging of Smack security decisions.
This is of course very useful to understand what your current smack policy does.
As suggested by Casey, it also now forbids labels with ', " or \

It introduces a '/smack/logging' switch :
0: no logging
1: log denied (default)
2: log accepted
3: log denied&accepted

Signed-off-by: Etienne Basset <etienne.basset@numericable.fr>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: Eric Paris <eparis@redhat.com>
Signed-off-by: James Morris <jmorris@namei.org>
2009-04-14 09:00:23 +10:00
..
integrity/ima integrity: ima iint radix_tree_lookup locking fix 2009-02-23 09:54:53 +11:00
keys keys: make procfiles per-user-namespace 2009-02-27 12:35:15 +11:00
selinux Permissive domain in userspace object manager 2009-04-02 09:23:45 +11:00
smack smack: implement logging V3 2009-04-14 09:00:23 +10:00
tomoyo tomoyo: remove "undelete domain" command. 2009-04-07 08:17:43 +10:00
capability.c lsm: Remove the socket_post_accept() hook 2009-03-28 15:01:37 +11:00
commoncap.c don't raise all privs on setuid-root file with fE set (v2) 2009-04-03 11:49:31 +11:00
device_cgroup.c devices cgroup: allow mkfifo 2009-01-08 08:31:03 -08:00
inode.c Merge branch 'master' into next 2009-02-06 11:01:45 +11:00
Kconfig Kconfig and Makefile 2009-02-12 15:19:00 +11:00
lsm_audit.c smack: implement logging V3 2009-04-14 09:00:19 +10:00
Makefile smack: implement logging V3 2009-04-14 09:00:23 +10:00
root_plug.c Revert "CRED: Fix regression in cap_capable() as shown up by sys_faccessat() [ver #2]" 2009-01-07 09:21:54 +11:00
security.c lsm: Remove the socket_post_accept() hook 2009-03-28 15:01:37 +11:00