OpenCloudOS-Kernel/Documentation/admin-guide/LSM
Thomas Cedeno 5294bac97e LSM: SafeSetID: Add GID security policy handling
The SafeSetID LSM has functionality for restricting setuid() calls based
on its configured security policies. This patch adds the analogous
functionality for setgid() calls. This is mostly a copy-and-paste change
with some code deduplication, plus slight modifications/name changes to
the policy-rule-related structs (now contain GID rules in addition to
the UID ones) and some type generalization since SafeSetID now needs to
deal with kgid_t and kuid_t types.

Signed-off-by: Thomas Cedeno <thomascedeno@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>
2020-10-13 09:17:35 -07:00
..
LoadPin.rst security/loadpin: Allow to exclude specific file types 2019-05-31 13:57:40 -07:00
SELinux.rst Documentation: Update SELinux reference policy URL 2018-11-19 12:40:48 -05:00
SafeSetID.rst LSM: SafeSetID: Add GID security policy handling 2020-10-13 09:17:35 -07:00
Smack.rst Smack: Improve Documentation 2018-12-13 13:31:01 -08:00
Yama.rst doc: yama: Swap HTTP for HTTPS and replace dead link 2020-07-13 09:40:42 -06:00
apparmor.rst apparmor: update git and wiki locations in AppArmor docs 2018-06-07 01:50:47 -07:00
index.rst LSM: add SafeSetID module that gates setid calls 2019-01-25 11:22:45 -08:00
tomoyo.rst Replace HTTP links with HTTPS ones: documentation 2020-06-08 09:30:19 -06:00