summaryrefslogtreecommitdiff
path: root/Xext/xselinux.c
AgeCommit message (Collapse)AuthorFilesLines
2008-06-17SELinux: Add an extension alias under the OS-agnostic "Flask" name.Eamon Walsh1-0/+2
(cherry picked from commit 79dd600942bbac3c6b531f284b42c7b2c822da90)
2008-03-31XSELinux: Add a request to get a client's context from a resource ID.Eamon Walsh1-0/+33
(cherry picked from commit 9f56fc580646a519875b5a1452738d8c6e1fa860)
2008-03-28XSELinux: Add xorg.conf option for permissive/enforcing/disabled.Eamon Walsh1-5/+26
Patch by Joe Nall. The option goes in the "extmod" subsection. TODO: Make it easier for extension modules to handle their own options. (cherry picked from commit b5f98fcea2024c67e598947782913982072cf4fb)
2008-03-20XSELinux: Do a check for whether background "None" is allowed.Eamon Walsh1-0/+7
(cherry picked from commit 3bbd77ff98478153afe3251de9ba11d757218213)
2008-03-20XSELinux: Correctly handle some permission bits that are used more than once.Eamon Walsh1-5/+20
(cherry picked from commit e323bb426ce8a072d119cb2720b773241259c137)
2008-03-04xselinux: Implement polyinstantiation support and related protocol.Eamon Walsh1-359/+657
(cherry picked from commit d4101140f4e569f18554cf0cbf43138d08bd1277)
2008-02-29XACE: Add generic support for property and selection polyinstantiation.Eamon Walsh1-16/+13
2008-02-29dix: Refactoring of selection code to allow for polyinstantiation.Eamon Walsh1-2/+0
Introduces dixLookupSelection() API. Removes NumCurrentSelections from API.
2008-02-28xselinux: Don't require device "read" permission for XQueryPointer.Eamon Walsh1-0/+11
These keyboard and pointer state polling calls are a real problem.
2008-02-28xselinux: Log messages to both libaudit and Xorg.0.log.Eamon Walsh1-0/+1
2008-02-27xselinux: Prefix a few remaining error messages with "SELinux".Eamon Walsh1-7/+6
2008-02-27xselinux: Don't throw BadAccess if DixUnknownAccess is passed in to a hook.Eamon Walsh1-0/+2
The avc will still appear, however, so that the callsite can be fixed.
2008-02-26xselinux: Stub out selection protocol requests.Eamon Walsh1-0/+52
2008-02-26xselinux: Rip out the selection code in advance of polyinstantiation support.Eamon Walsh1-31/+0
This resolves an issue where BadWindow errors were being thrown.
2008-02-13xselinux: Add use to permission map for devices.Eamon Walsh1-1/+1
2008-02-07xselinux: Use the device name in debugging output.Eamon Walsh1-3/+8
2008-02-07xselinux: Split devPrivate state into subject and object records.Eamon Walsh1-87/+149
2008-02-07xselinux: Add getattr and setattr to the permission map for properties.Eamon Walsh1-1/+1
2008-02-05XACE: Push the dix "structure" includes down to the security modules.Eamon Walsh1-6/+11
2008-02-05XACE: Move the property access hook to its own function.Eamon Walsh1-1/+1
2008-01-24xselinux: Rename SelectionManager to more generic SecurityManager.Eamon Walsh1-30/+30
2008-01-24xselinux: Use a privileged bit in the state instead of passing an indexEamon Walsh1-33/+27
to the permission checking function.
2008-01-24xselinux: Implement "get context" protocol requests.Eamon Walsh1-3/+116
2008-01-24xselinux: Whitespace fixups.Eamon Walsh1-34/+32
2007-12-28xselinux: Fix whitespace warnings.Eamon Walsh1-12/+12
2007-12-28xselinux: Remove "X" prefix on remaining functions and strings.Eamon Walsh1-37/+37
Should be evident from the context.
2007-12-28xselinux: don't FatalError on an invalid class mapping, just disable support.Eamon Walsh1-2/+7
2007-12-28xselinux: Implement swapped protocol request logic.Eamon Walsh1-28/+41
2007-12-20xselinux: Send AVC messages to audit system instead of log file/stderr.Eamon Walsh1-1/+5
2007-12-12xselinux: Add new protocol for setting device create context.Eamon Walsh1-0/+32
2007-11-20registry: Remove registry code from SELinux extension.Eamon Walsh1-24/+0
Moving all the names into dix/registry.c
2007-11-14xselinux: adjust receive hook to use new synthetic_event class.Eamon Walsh1-7/+9
2007-11-09xselinux: add new synthetic_event security class, and fix registry code.Eamon Walsh1-17/+19
2007-11-05xselinux: Register SELinux extension protocol names.Eamon Walsh1-0/+24
2007-10-26xselinux: Add a SetDeviceContext request and stubs for more requests.Eamon Walsh1-6/+184
2007-10-25xselinux: Don't include the client in the receive hook audit messages.Eamon Walsh1-1/+1
2007-10-25xselinux: Label the default device directly with the process context.Eamon Walsh1-7/+3
2007-10-24xselinux: Introduce a type transition when labeling events.Eamon Walsh1-5/+12
2007-10-24xselinux: Add audit message fields for selection and event names.Eamon Walsh1-12/+22
2007-10-23xselinux: Add basic support for selection access control and redirection.Eamon Walsh1-60/+311
Probably not fully baked yet. It's difficult to test since so few apps actually follow the ICCCM with respect to cut & paste.
2007-10-23xselinux: Remove synthetic bit when looking up event type.Eamon Walsh1-1/+2
2007-10-23xselinux: Unregister callbacks on server reset.Eamon Walsh1-17/+37
2007-10-19xselinux: properly update sizes when dynamic arrays are resized...Eamon Walsh1-0/+2
2007-10-18xselinux: add basic event labeling.Eamon Walsh1-4/+86
2007-10-18xselinux: add hooks for send and receive access.Eamon Walsh1-44/+86
2007-10-17xselinux: add hook for device acceses.Eamon Walsh1-1/+31
2007-10-17xselinux: Move functions around; add some more comments.Eamon Walsh1-117/+150
2007-10-17xselinux: Started reworking extension using new XACE hooks.Eamon Walsh1-1165/+510
2007-09-28xace: remove obsoleted DRAWABLE_ACCESS hook.Eamon Walsh1-1/+0
2007-08-16xace: drop background-none checking hook, add new hook for controllingEamon Walsh1-10/+0
access to other clients.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-18 13:51:16 +0000