frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,933 Commits 293 Branches 13 Tags 61 MiB
Commit Graph

42 Commits

Author SHA1 Message Date
Eamon Walsh 1393a97ea9 xselinux: Send AVC messages to audit system instead of log file/stderr. 2007-12-20 16:23:49 -05:00
Eamon Walsh 9a7ce57363 xselinux: Add new protocol for setting device create context. 2007-12-12 20:44:59 -05:00
Eamon Walsh 5fea1ed50f registry: Remove registry code from SELinux extension. 
Moving all the names into dix/registry.c
 2007-11-20 18:39:48 -05:00
Eamon Walsh f207e69d62 xselinux: adjust receive hook to use new synthetic_event class. 2007-11-14 12:23:29 -05:00
Eamon Walsh 45f884d79c xselinux: add new synthetic_event security class, and fix registry code. 2007-11-09 15:00:15 -05:00
Eamon Walsh c7e18beb3c xselinux: Register SELinux extension protocol names. 2007-11-05 15:02:05 -05:00
Eamon Walsh 3b7af72fe3 xselinux: Add a SetDeviceContext request and stubs for more requests. 2007-10-26 20:32:47 -04:00
Eamon Walsh 7d14ca59c5 xselinux: Don't include the client in the receive hook audit messages. 2007-10-25 19:00:50 -04:00
Eamon Walsh 40de9fcf18 xselinux: Label the default device directly with the process context. 2007-10-25 12:35:01 -04:00
Eamon Walsh 4b05f19cb9 xselinux: Introduce a type transition when labeling events. 2007-10-24 19:59:58 -04:00
Eamon Walsh 0d2ef187e7 xselinux: Add audit message fields for selection and event names. 2007-10-24 18:23:31 -04:00
Eamon Walsh 46521f5298 xselinux: Add basic support for selection access control and redirection. 
Probably not fully baked yet.  It's difficult to test since so few apps
actually follow the ICCCM with respect to cut & paste.
 2007-10-23 20:58:48 -04:00
Eamon Walsh 660557593e xselinux: Remove synthetic bit when looking up event type. 2007-10-23 14:46:37 -04:00
Eamon Walsh d7db549db4 xselinux: Unregister callbacks on server reset. 2007-10-23 14:08:54 -04:00
Eamon Walsh ce7f6fe126 xselinux: properly update sizes when dynamic arrays are resized... 2007-10-19 19:40:04 -04:00
Eamon Walsh 55a96aa6b0 xselinux: add basic event labeling. 2007-10-18 14:11:11 -04:00
Eamon Walsh e974bc1233 xselinux: add hooks for send and receive access. 2007-10-18 12:33:39 -04:00
Eamon Walsh aa340b2c7c xselinux: add hook for device acceses. 2007-10-17 19:27:16 -04:00
Eamon Walsh 503f918f55 xselinux: Move functions around; add some more comments. 2007-10-17 19:14:15 -04:00
Eamon Walsh baabae623b xselinux: Started reworking extension using new XACE hooks. 2007-10-17 13:54:56 -04:00
Eamon Walsh 50551ec693 xace: remove obsoleted DRAWABLE_ACCESS hook. 2007-09-28 15:04:33 -04:00
Eamon Walsh 5bee8db003 xace: drop background-none checking hook, add new hook for controlling 
access to other clients.
 2007-08-16 10:44:51 -04:00
Eamon Walsh 3c9553ac2c xace: rename hostlist security hook to "server" as this hook will be used 
for other types of server access besides just the host list.
 2007-08-15 14:14:25 -04:00
Eamon Walsh 2030e9e539 xselinux: use new libselinux support for context labeling. 
Remove all the config file parsing code and use the new lookup interface
instead.
 2007-06-21 15:37:18 -04:00
Eamon Walsh 878cac71aa xselinux: use new libselinux support for private Flask definitions. 
Removes indirect dependency on kernel headers.
 2007-06-11 14:19:37 -04:00
Eamon Walsh 9cee4ec5e6 xace: change the semantics of the return value of XACE hooks to allow 
arbitrary X status codes instead of just TRUE/FALSE.

The dix layer in most cases still does not propagate the return value of
XACE hooks back to the client, however.  There is more error propagation
work to do.
 2007-04-17 16:01:56 -04:00
Eamon Walsh 84a066cc88 xace: pass serverClient as default argument to dixChangeWindowProperty 
instead of NullClient.
 2007-03-23 10:33:53 -04:00
Eamon Walsh e1cc68add0 xace: drop the name argument from the property callback. 2007-03-22 17:33:16 -04:00
Eamon Walsh 1b766ffc06 dix: reorganize property code to better support xace hook; requires new API for 
changing a property, dixChangeWindowProperty, taking an additional client argument.
 2007-03-22 15:55:35 -04:00
Eamon Walsh 78c962da76 xselinux: use the new ResourceStateCallback instead of the XACE_WINDOW_INIT hook. 2007-03-19 17:04:51 -04:00
Eamon Walsh 6a89106e9c xselinux + security: remove confusing CALLBACK macro. 2007-03-19 16:51:29 -04:00
Eamon Walsh 18339375cd xselinux: remove context validation function for now. 2007-03-08 12:14:06 -05:00
Eamon Walsh 2fb8b7f819 Split ObjectSIDByLabel into two functions since property labeling now 
involves an additional compute_create lookup.
 2007-01-19 19:14:51 -05:00
Eamon Walsh 700fccf863 Remove the root window context line from the configuration file. 
This context will be derived through a type_transition rule instead.
 2007-01-19 14:56:38 -05:00
Eamon Walsh cd71e86183 Naming change: Security*Access -> Dix*Access. 
Clarify some error message strings.
 2006-12-20 13:45:24 -05:00
Eamon Walsh fb6d676de5 Add xserver object class to list of object classes. 2006-12-12 16:17:51 -05:00
Eamon Walsh 568c09481e Split AssignClientState() into two routines, new routine is server-specific. 2006-12-12 15:59:08 -05:00
Eamon Walsh e124806994 Remove trailing whitespace (whitespace police). 2006-12-12 13:35:22 -05:00
Eamon Walsh ca77c12107 Naming change: Security*Operation -> Xace*Operation 2006-12-12 13:27:03 -05:00
Eamon Walsh 354c80da66 Improve error handling, messages during initialization. 2006-12-12 13:27:03 -05:00
Eamon Walsh 3714d91499 Experimental window property holding security context. 2006-12-12 13:27:03 -05:00
Eamon Walsh 83aad2be8a Add SELinux extension source files. 2006-12-12 13:27:02 -05:00