mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
1032 commits 23 branches 109 tags 32 MiB
Commit graph

27 commits

Author SHA1 Message Date
John Johansen
c460dcc52f update change_hats rules to generate rules for all hats 2008-04-06 18:52:47 +00:00
John Johansen
5f5aeee472 Allow for profiles without attachment, ie. they don't begin with / 
currently profile names can not collide with file modes nor with
keywords
 2008-04-05 05:47:49 +00:00
John Johansen
36ad7de2c5 Add the ability to specify link subset test on a link pair, and 
fix a bug where link pairs could get improperly merged.
 2008-03-13 16:49:10 +00:00
John Johansen
d2eeef8291 extend the flags in preparation for audit control 2008-03-13 16:46:53 +00:00
John Johansen
97dbaa02cb change from U:G:O syntax to owner syntax and remove group permission 2007-11-29 18:06:53 +00:00
John Johansen
398102afa8 old style link compatability 2007-11-16 09:36:42 +00:00
John Johansen
638535d650 exec modes per U:G:O 2007-11-16 09:35:57 +00:00
John Johansen
ec639bc82c user:group:any permissions 2007-11-16 09:35:31 +00:00
John Johansen
40c3686041 remove old netdomain syntax 2007-11-16 09:34:01 +00:00
John Johansen
230b04231c add pix transition mode 2007-11-16 09:27:34 +00:00
Steve Beattie
3216755358 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Use correct terminology; convert unconstrained to unconfined.
 2007-07-27 20:45:45 +00:00
Steve Beattie
9df76dbcda Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Add mediation/keywords for locks.
 2007-07-27 20:38:43 +00:00
Steve Beattie
95d6ab1b1b Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Add support for a distinction between write permission and append-only
permission.
 2007-07-27 20:31:38 +00:00
Steve Beattie
2737f6bc97 Patch by jjohansen@suse.de 
Acked-By: Steve Beattie <sbeattie@suse.de>

Support for basic network mediation keywords.
 2007-07-27 20:29:47 +00:00
Steve Beattie
86e5ed3109 Patch from jjohansen@suse.de 
Fix debugging with CHANGE_PROFILE.
 2007-07-27 20:25:59 +00:00
John Johansen
12f3472c09 basic change_profile support 2007-06-26 21:10:28 +00:00
John Johansen
cd79c1ac77 update copyright dates 2007-04-11 08:12:51 +00:00
Andreas Gruenbacher
b9057fd0bc Remove obsolete definition. 2007-03-30 20:39:11 +00:00
Andreas Gruenbacher
b73d827660 Fix build: screwed up because the build dependencies are broken; changes to regexp.y don't trigger the appropriate rebuilds 2007-03-30 15:58:15 +00:00
Andreas Gruenbacher
36e95daeb8 Get rid of all the POS_ and some other unused definitions 2007-03-30 14:59:13 +00:00
John Johansen
f3ba454d8c Add dfa support to the parser 2007-02-27 02:29:16 +00:00
John Johansen
20dbc4d8cb fix miss break #240986. Back out partial commit of dfa matcher support (that was mistakenly submitted) 2007-02-01 21:45:39 +00:00
John Johansen
d1f8df2fa5 dfa patches for the parser 2007-02-01 20:18:50 +00:00
John Johansen
b96bd2cd3b update parser to use HAS_X macros 2006-08-04 17:20:16 +00:00
John Johansen
3cb147e25c [https://bugzilla.novell.com/show_bug.cgi?id=172061] 
This (updated) patch to trunk adds support for Px and Ux (toggle
bprm_secure on exec) in the parser, As requested, lowercase p and u
corresponds to an unfiltered environmnet on exec, uppercase will filter
the environment.  It applies after the 'm' patch.

As a side effect, I tried to reduce the use of hardcoded characters in
the debugging statements -- there are still a few warnings that have
hard coded letters in them; not sure I can fix them all.

This version issues a warning for every unsafe ux and issues a single
warning for the first 'R', 'W', 'X', 'L', and 'I' it encounters,
except when the "-q" or "--quiet" flag , "--remove" profile flag, or
"-N" report names flags are passed.  Unfortunately, it made the logic
somewhat more convoluted.  Wordsmithing improvements welcome.
 2006-08-04 17:14:49 +00:00
John Johansen
cafbfe7cd3 [https://bugzilla.novell.com/show_bug.cgi?id=175388] 
This (updated) patch to trunk adds the m flag to the parser language. The
m flag explicitly does -not- conflict with px, ux, or ix.

It does not add exec mmap as implicit to inherited execs, as it was
asserted that the module should do this.

I have not fixed up the testcases to match.
 2006-08-04 17:14:06 +00:00
Steve Beattie
6d3e74907d Import the rest of the core functionality of the internal apparmor 
development tree (trunk branch). From svn repo version 6381.
 2006-04-11 21:52:54 +00:00