- rsbac-commit - rsbac.org

linux-5.10.y 5.10.116 commit c26911568887 Treat value RC_role_use_force_role specially when assigning initial
by Amon Ott 19 May '22

19 May '22

https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-5.10.y.git;a=summary RSBAC for Linux 5.10 (Long Term) Current version: 5.10.116 commit c269115688871b0d818240302c045ae97e9aec26 Author: Amon Ott <ao(a)rsbac.org> Date: Fri Mar 25 11:20:13 2022 +0100 Treat value RC_role_use_force_role specially when assigning initial/force role. Files and dirs can have the special RC initial role value RC_role_use_force_role, which refers to the force role setting. When assigning a new initial role, we check whether old and new initial role value are in the current role's set of assign roles. We must use the force role value for that check in this case. If no force role value has been set explicitely, we inherit the root dir default value. In this special case we allow access without that default value in the assign roles set of the current role to avoid a hen-and-egg problem. rsbac/adf/rc/rc_main.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 69 insertions(+), 6 deletions(-)

1 0

linux-5.4.y 5.4.194 commit c52fa64dcd19 Do not check space in rsbac_symlink_redirect(), rather truncate res
by Amon Ott 19 May '22

19 May '22

https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-5.4.y.git;a=summary RSBAC for Linux 5.4 (Long Term) Current version: 5.4.194 commit c52fa64dcd196293cace52775028e81f41757a22 Author: Amon Ott <ao(a)rsbac.org> Date: Wed Nov 3 13:13:34 2021 +0100 Do not check space in rsbac_symlink_redirect(), rather truncate result later. This follows the standard readlink() behaviour, which silently truncates, if there is not enough space. fs/namei.c | 6 ++++-- fs/stat.c | 2 +- include/rsbac/adf.h | 1 - rsbac/adf/adf_main.c | 51 +++++++-------------------------------------------- 4 files changed, 12 insertions(+), 48 deletions(-)

1 0

linux-4.9.y 4.9.313 commit 0515e08db7cd Do not check space in rsbac_symlink_redirect(), rather truncate res
by Amon Ott 19 May '22

19 May '22

https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-4.9.y.git;a=summary RSBAC for Linux 4.9 (Long Term) Current version: 4.9.313 commit 0515e08db7cd61dc0c1895cd8f79092b77c25dd7 Author: Amon Ott <ao(a)rsbac.org> Date: Wed Nov 3 13:33:54 2021 +0100 Do not check space in rsbac_symlink_redirect(), rather truncate result later. This follows the standard readlink() behaviour, which silently truncates, if there is not enough space. fs/namei.c | 6 ++++-- fs/stat.c | 2 +- include/rsbac/adf.h | 1 - rsbac/adf/adf_main.c | 51 +++++++-------------------------------------------- 4 files changed, 12 insertions(+), 48 deletions(-)

1 0

linux-5.15.y 5.15.40 commit eebcaa81b7dc Threat value RC_role_use_force_role specially when assigning initia
by Amon Ott 19 May '22

19 May '22

https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-5.15.y.git;a=summary RSBAC for Linux 5.15 (Long Term) Current version: 5.15.40 commit eebcaa81b7dc599a575a5c743fa2b8fb34997e12 Author: Amon Ott <ao(a)rsbac.org> Date: Fri Mar 25 10:58:33 2022 +0100 Threat value RC_role_use_force_role specially when assigning initial/force role. Files and dirs can have the special RC initial role value RC_role_use_force_role, which refers to the force role setting. When assigning a new initial role, we check whether old and new initial role value are in the current role's set of assign roles. We must use the force role value for that check in this case. If no force role value has been set explicitely, we inherit the root dir default value. In this special case we allow access without that default value in the assign roles set of the current role to avoid a hen-and-egg problem. rsbac/adf/rc/rc_main.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 69 insertions(+), 6 deletions(-)

1 0

linux-5.10.y 5.10.117 commit 192b8680f064 sysfs_kf_seq_show(), sysfs_kf_bin_read(): fix attribute type in req
by Amon Ott 19 May '22

19 May '22

https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-5.10.y.git;a=summary RSBAC for Linux 5.10 (Long Term) Current version: 5.10.117 commit 192b8680f064467aec397c93e6d6a6fdf84b386a Author: Amon Ott <ao(a)rsbac.org> Date: Mon May 16 14:55:33 2022 +0200 sysfs_kf_seq_show(), sysfs_kf_bin_read(): fix attribute type in request. fs/sysfs/file.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

1 0

linux-5.15.y 5.15.41 commit e5cf3afef731 sysfs_kf_seq_show(), sysfs_kf_bin_read(): fix attribute type in req
by Amon Ott 19 May '22

19 May '22

https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-5.15.y.git;a=summary RSBAC for Linux 5.15 (Long Term) Current version: 5.15.41 commit e5cf3afef731679a612d54cff9ed4760ca673dde Author: Amon Ott <ao(a)rsbac.org> Date: Mon May 16 12:53:43 2022 +0200 sysfs_kf_seq_show(), sysfs_kf_bin_read(): fix attribute type in request. fs/sysfs/file.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

1 0

2025

2024

2023

2022

rsbac-commit