WSL2-Linux-Kernel/security
Eric Paris 64dbf07474 selinux: introduce permissive types
Introduce the concept of a permissive type.  A new ebitmap is introduced to
the policy database which indicates if a given type has the permissive bit
set or not.  This bit is tested for the scontext of any denial.  The bit is
meaningless on types which only appear as the target of a decision and never
the source.  A domain running with a permissive type will be allowed to
perform any action similarly to when the system is globally set permissive.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
2008-04-18 20:26:11 +10:00
..
keys security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00
selinux selinux: introduce permissive types 2008-04-18 20:26:11 +10:00
smack smackfs: remove redundant lock, fix open(,O_RDWR) 2008-03-24 19:22:19 -07:00
Kconfig security: allow Kconfig to set default mmap_min_addr protection 2008-02-06 21:39:46 +08:00
Makefile Smack: Simplified Mandatory Access Control Kernel 2008-02-05 09:44:20 -08:00
capability.c file capabilities: remove cap_task_kill() 2008-03-20 09:46:36 -07:00
commoncap.c security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00
dummy.c LSM/SELinux: Interfaces to allow FS to control mount options 2008-03-06 08:40:53 +11:00
inode.c Kobject: convert remaining kobject_unregister() to kobject_put() 2008-01-24 20:40:40 -08:00
root_plug.c security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00
security.c security: replace remaining __FUNCTION__ occurrences 2008-04-18 20:26:07 +10:00