linux-sg2042/security/selinux
Stephen Hemminger 227b60f510 [INET]: local port range robustness
Expansion of original idea from Denis V. Lunev <den@openvz.org>

Add robustness and locking to the local_port_range sysctl.
1. Enforce that low < high when setting.
2. Use seqlock to ensure atomic update.

The locking might seem like overkill, but there are
cases where sysadmin might want to change value in the
middle of a DoS attack.

Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-10 17:30:46 -07:00
..
include security: Protection for exploiting null dereference using mmap 2007-07-11 22:52:29 -04:00
ss SELinux: correct error code in selinux_audit_rule_init 2007-08-16 11:42:28 -04:00
Kconfig Fix trivial typos in Kconfig* files 2007-05-09 07:12:20 +02:00
Makefile SELinux: extract the NetLabel SELinux support from the security server 2007-04-26 01:35:48 -04:00
avc.c [PATCH] get rid of AVC_PATH postponed treatment 2007-07-22 09:57:02 -04:00
exports.c [PATCH] selinux: rename selinux_ctxid_to_string 2006-09-26 08:48:52 -07:00
hooks.c [INET]: local port range robustness 2007-10-10 17:30:46 -07:00
netif.c [NET]: Make device event notification network namespace safe 2007-10-10 16:49:09 -07:00
netlabel.c SELinux: restore proper NetLabel caching behavior 2007-08-02 11:52:21 -04:00
netlink.c [NET]: Support multiple network namespaces with netlink 2007-10-10 16:49:09 -07:00
nlmsgtab.c Audit: add TTY input auditing 2007-07-16 09:05:47 -07:00
selinuxfs.c selinux: add selinuxfs structure for object class discovery 2007-07-11 22:52:20 -04:00
xfrm.c SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc 2007-07-25 12:49:41 -04:00