|  Eamon Walsh | 5d065a8890 | xselinux: Use xace Xtrans wrappers instead of the now-inaccessible wrapees. | 2008-12-18 14:01:10 -05:00 |  | 
				
					
						|  Eamon Walsh | ed597f19fd | xselinux: use "raw context" variants of getpeercon() and getcon(). | 2008-11-25 22:49:19 -05:00 |  | 
				
					
						|  Eamon Walsh | 2538fc0d89 | xselinux: don't pass a NULL key string to selabel_lookup(). | 2008-11-25 18:28:12 -05:00 |  | 
				
					
						|  Eamon Walsh | 0f2fd0577f | xselinux: send more specific message types to libaudit. | 2008-10-30 18:29:51 -04:00 |  | 
				
					
						|  Eamon Walsh | 60ad8d5d05 | Attempt getpeercon() on remote sockets as well as local ones. | 2008-08-28 23:45:17 -04:00 |  | 
				
					
						|  Tomas Carnecky | ebea78cdba | Prepare for array-index based devPrivates. TODO: static indices can be made just an int; some indices
can be combined. | 2008-08-28 18:05:40 -04:00 |  | 
				
					
						|  Eamon Walsh | 79dd600942 | SELinux: Add an extension alias under the OS-agnostic "Flask" name. | 2008-06-17 19:11:21 -04:00 |  | 
				
					
						|  Eamon Walsh | 9f56fc5806 | XSELinux: Add a request to get a client's context from a resource ID. | 2008-03-31 17:35:10 -04:00 |  | 
				
					
						|  Eamon Walsh | b5f98fcea2 | XSELinux: Add xorg.conf option for permissive/enforcing/disabled. Patch by Joe Nall.
The option goes in the "extmod" subsection.
TODO: Make it easier for extension modules to handle their own options. | 2008-03-28 14:14:23 -04:00 |  | 
				
					
						|  Eamon Walsh | 3bbd77ff98 | XSELinux: Do a check for whether background "None" is allowed. | 2008-03-20 20:03:02 -04:00 |  | 
				
					
						|  Eamon Walsh | e323bb426c | XSELinux: Correctly handle some permission bits that are used more than once. | 2008-03-20 19:42:09 -04:00 |  | 
				
					
						|  Eamon Walsh | d4101140f4 | xselinux: Implement polyinstantiation support and related protocol. | 2008-03-04 22:39:41 -05:00 |  | 
				
					
						|  Eamon Walsh | cc76ea6e3a | XACE: Add generic support for property and selection polyinstantiation. | 2008-02-29 18:01:37 -05:00 |  | 
				
					
						|  Eamon Walsh | 34bf308a9e | dix: Refactoring of selection code to allow for polyinstantiation. Introduces dixLookupSelection() API.
Removes NumCurrentSelections from API. | 2008-02-29 18:01:37 -05:00 |  | 
				
					
						|  Eamon Walsh | d04ea267a4 | xselinux: Don't require device "read" permission for XQueryPointer. These keyboard and pointer state polling calls are a real problem. | 2008-02-28 21:53:16 -05:00 |  | 
				
					
						|  Eamon Walsh | 3fb17a3e64 | xselinux: Log messages to both libaudit and Xorg.0.log. | 2008-02-28 21:52:57 -05:00 |  | 
				
					
						|  Eamon Walsh | f616735f17 | xselinux: Prefix a few remaining error messages with "SELinux". | 2008-02-27 22:48:29 -05:00 |  | 
				
					
						|  Eamon Walsh | e40cc5305b | xselinux: Don't throw BadAccess if DixUnknownAccess is passed in to a hook. The avc will still appear, however, so that the callsite can be fixed. | 2008-02-27 22:48:28 -05:00 |  | 
				
					
						|  Eamon Walsh | 3f0681fb0b | xselinux: Stub out selection protocol requests. | 2008-02-26 23:14:29 -05:00 |  | 
				
					
						|  Eamon Walsh | 4632ea2258 | xselinux: Rip out the selection code in advance of polyinstantiation support. This resolves an issue where BadWindow errors were being thrown. | 2008-02-26 22:00:52 -05:00 |  | 
				
					
						|  Eamon Walsh | e99aadbc26 | xselinux: Add use to permission map for devices. | 2008-02-13 20:20:49 -05:00 |  | 
				
					
						|  Eamon Walsh | 31934132a4 | xselinux: Use the device name in debugging output. | 2008-02-07 16:32:06 -05:00 |  | 
				
					
						|  Eamon Walsh | 6dcb7d732b | xselinux: Split devPrivate state into subject and object records. | 2008-02-07 16:00:52 -05:00 |  | 
				
					
						|  Eamon Walsh | 2259b144f0 | xselinux: Add getattr and setattr to the permission map for properties. | 2008-02-07 14:35:02 -05:00 |  | 
				
					
						|  Eamon Walsh | 5c30327275 | XACE: Push the dix "structure" includes down to the security modules. | 2008-02-05 21:06:05 -05:00 |  | 
				
					
						|  Eamon Walsh | bb1a577a68 | XACE: Move the property access hook to its own function. | 2008-02-05 20:07:08 -05:00 |  | 
				
					
						|  Eamon Walsh | 46794d0c96 | xselinux: Rename SelectionManager to more generic SecurityManager. | 2008-01-24 19:49:13 -05:00 |  | 
				
					
						|  Eamon Walsh | 6ffeecabb7 | xselinux: Use a privileged bit in the state instead of passing an index to the permission checking function. | 2008-01-24 18:11:49 -05:00 |  | 
				
					
						|  Eamon Walsh | 7ba8e97cba | xselinux: Implement "get context" protocol requests. | 2008-01-24 19:09:58 -05:00 |  | 
				
					
						|  Eamon Walsh | f0bf9a5231 | xselinux: Whitespace fixups. | 2008-01-24 19:02:35 -05:00 |  | 
				
					
						|  Eamon Walsh | 3b23dd9fd4 | xselinux: Fix whitespace warnings. | 2007-12-28 13:29:45 -05:00 |  | 
				
					
						|  Eamon Walsh | 643c52be32 | xselinux: Remove "X" prefix on remaining functions and strings. Should be evident from the context. | 2007-12-28 13:27:28 -05:00 |  | 
				
					
						|  Eamon Walsh | f4bc333fc1 | xselinux: don't FatalError on an invalid class mapping, just disable support. | 2007-12-28 13:27:28 -05:00 |  | 
				
					
						|  Eamon Walsh | f3780ece52 | xselinux: Implement swapped protocol request logic. | 2007-12-28 13:27:28 -05:00 |  | 
				
					
						|  Eamon Walsh | 1393a97ea9 | xselinux: Send AVC messages to audit system instead of log file/stderr. | 2007-12-20 16:23:49 -05:00 |  | 
				
					
						|  Eamon Walsh | 9a7ce57363 | xselinux: Add new protocol for setting device create context. | 2007-12-12 20:44:59 -05:00 |  | 
				
					
						|  Eamon Walsh | 5fea1ed50f | registry: Remove registry code from SELinux extension. Moving all the names into dix/registry.c | 2007-11-20 18:39:48 -05:00 |  | 
				
					
						|  Eamon Walsh | f207e69d62 | xselinux: adjust receive hook to use new synthetic_event class. | 2007-11-14 12:23:29 -05:00 |  | 
				
					
						|  Eamon Walsh | 45f884d79c | xselinux: add new synthetic_event security class, and fix registry code. | 2007-11-09 15:00:15 -05:00 |  | 
				
					
						|  Eamon Walsh | c7e18beb3c | xselinux: Register SELinux extension protocol names. | 2007-11-05 15:02:05 -05:00 |  | 
				
					
						|  Eamon Walsh | 3b7af72fe3 | xselinux: Add a SetDeviceContext request and stubs for more requests. | 2007-10-26 20:32:47 -04:00 |  | 
				
					
						|  Eamon Walsh | 7d14ca59c5 | xselinux: Don't include the client in the receive hook audit messages. | 2007-10-25 19:00:50 -04:00 |  | 
				
					
						|  Eamon Walsh | 40de9fcf18 | xselinux: Label the default device directly with the process context. | 2007-10-25 12:35:01 -04:00 |  | 
				
					
						|  Eamon Walsh | 4b05f19cb9 | xselinux: Introduce a type transition when labeling events. | 2007-10-24 19:59:58 -04:00 |  | 
				
					
						|  Eamon Walsh | 0d2ef187e7 | xselinux: Add audit message fields for selection and event names. | 2007-10-24 18:23:31 -04:00 |  | 
				
					
						|  Eamon Walsh | 46521f5298 | xselinux: Add basic support for selection access control and redirection. Probably not fully baked yet.  It's difficult to test since so few apps
actually follow the ICCCM with respect to cut & paste. | 2007-10-23 20:58:48 -04:00 |  | 
				
					
						|  Eamon Walsh | 660557593e | xselinux: Remove synthetic bit when looking up event type. | 2007-10-23 14:46:37 -04:00 |  | 
				
					
						|  Eamon Walsh | d7db549db4 | xselinux: Unregister callbacks on server reset. | 2007-10-23 14:08:54 -04:00 |  | 
				
					
						|  Eamon Walsh | ce7f6fe126 | xselinux: properly update sizes when dynamic arrays are resized... | 2007-10-19 19:40:04 -04:00 |  | 
				
					
						|  Eamon Walsh | 55a96aa6b0 | xselinux: add basic event labeling. | 2007-10-18 14:11:11 -04:00 |  |