~ubuntu-branches/ubuntu/raring/apparmor/raring

« back to all changes in this revision

Viewing changes to kernel-patches/for-mainline/apparmor-inode_symlink.diff

Committer: Bazaar Package Importer
Author(s): Kees Cook
Date: 2007-03-23 16:42:01 UTC
Revision ID: james.westby@ubuntu.com-20070323164201-jkax6f0oku087b7l

Tags: upstream-2.0.1+510.dfsg

Import upstream version 2.0.1+510.dfsg

files added:

LICENSE

changehat

changehat/libapparmor

changehat/libapparmor/COPYING.LGPL

changehat/libapparmor/Makefile

changehat/libapparmor/apparmor.h

changehat/libapparmor/change_hat.c

changehat/libapparmor/libapparmor.map

changehat/libapparmor/libapparmor.spec.in

changehat/libapparmor/libimmunix_warning.c

changehat/mod_apparmor

changehat/mod_apparmor/COPYING.LGPL

changehat/mod_apparmor/Makefile

changehat/mod_apparmor/apache2-mod_apparmor.spec.in

changehat/mod_apparmor/frob_sysconfig

changehat/mod_apparmor/mod_apparmor.c

changehat/mod_apparmor/mod_apparmor.conf

changehat/pam_apparmor

changehat/pam_apparmor/COPYING

changehat/pam_apparmor/Makefile

changehat/pam_apparmor/README

changehat/pam_apparmor/get_options.c

changehat/pam_apparmor/pam_apparmor.c

changehat/pam_apparmor/pam_apparmor.changes

changehat/pam_apparmor/pam_apparmor.h

changehat/pam_apparmor/pam_apparmor.spec.in

changehat/tomcat_apparmor

changehat/tomcat_apparmor/tomcat_5_0

changehat/tomcat_apparmor/tomcat_5_0/Makefile

changehat/tomcat_apparmor/tomcat_5_0/Manifest

changehat/tomcat_apparmor/tomcat_5_0/README.tomcat_apparmor

changehat/tomcat_apparmor/tomcat_5_0/build.xml

changehat/tomcat_apparmor/tomcat_5_0/src

changehat/tomcat_apparmor/tomcat_5_0/src/com

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell/apparmor

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell/apparmor/JNIChangeHat.java

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell/apparmor/catalina

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell/apparmor/catalina/valves

changehat/tomcat_apparmor/tomcat_5_0/src/com/novell/apparmor/catalina/valves/ChangeHatValve.java

changehat/tomcat_apparmor/tomcat_5_0/src/jni_src

changehat/tomcat_apparmor/tomcat_5_0/src/jni_src/JNIChangeHat.c

changehat/tomcat_apparmor/tomcat_5_0/src/jni_src/Makefile

changehat/tomcat_apparmor/tomcat_5_0/tomcat_apparmor.spec.in

common

common/Make-po.rules

common/Make.rules

docs

docs/Makefile

docs/apparmor-docs.exclude

docs/apparmor-docs.spec.in

docs/apparmor.d.pod

docs/apparmor.pod

docs/apparmor.vim.pod

docs/apparmor_parser.pod

docs/apparmor_status.pod

docs/autodep.pod

docs/change_hat.pod

docs/complain.pod

docs/enforce.pod

docs/genprof.pod

docs/immunix.css

docs/immunix.pod

docs/logprof.conf.pod

docs/logprof.pod

docs/mod_apparmor.pod

docs/papers

docs/raceguard.pod

docs/subdomain.conf.pod

docs/unconfined.pod

kernel-patches

kernel-patches/2.6.16

kernel-patches/2.6.16/patches

kernel-patches/2.6.16/patches/apparmor_audit.patch

kernel-patches/2.6.16/patches/apparmor_namespacesem.patch

kernel-patches/2.6.16/patches/apparmor_security.patch

kernel-patches/2.6.16/patches/series

kernel-patches/2.6.16/postapply

kernel-patches/2.6.16/postapply/module

kernel-patches/2.6.16/postapply/module-deprecated

kernel-patches/2.6.16/postapply/module-deprecated/series

kernel-patches/2.6.16/postapply/module-deprecated/undo_netlinkrecv.patch

kernel-patches/2.6.16/postapply/module/series

kernel-patches/2.6.16/postapply/module/undo_2.6.20_mnt_namespace.patch

kernel-patches/2.6.16/postapply/module/undo_netlinkrecv.patch

kernel-patches/2.6.17

kernel-patches/2.6.17/patches

kernel-patches/2.6.17/patches/apparmor_audit.patch

kernel-patches/2.6.17/patches/apparmor_namespacesem.patch

kernel-patches/2.6.17/patches/apparmor_security.patch

kernel-patches/2.6.17/patches/series

kernel-patches/2.6.17/postapply

kernel-patches/2.6.17/postapply/module

kernel-patches/2.6.17/postapply/module-deprecated

kernel-patches/2.6.17/postapply/module-deprecated/series

kernel-patches/2.6.17/postapply/module-deprecated/undo_netlinkrecv.patch

kernel-patches/2.6.17/postapply/module/series

kernel-patches/2.6.17/postapply/module/undo_2.6.20_mnt_namespace.patch

kernel-patches/2.6.17/postapply/module/undo_netlinkrecv.patch

kernel-patches/2.6.18

kernel-patches/2.6.18/patches

kernel-patches/2.6.18/patches/apparmor_audit.patch

kernel-patches/2.6.18/patches/apparmor_namespacesem.patch

kernel-patches/2.6.18/patches/apparmor_security.patch

kernel-patches/2.6.18/patches/series

kernel-patches/2.6.18/postapply

kernel-patches/2.6.18/postapply/module

kernel-patches/2.6.18/postapply/module/series

kernel-patches/2.6.18/postapply/module/undo_2.6.20_mnt_namespace.patch

kernel-patches/2.6.19

kernel-patches/2.6.19/patches

kernel-patches/2.6.19/patches/apparmor_audit.patch

kernel-patches/2.6.19/patches/apparmor_namespacesem.patch

kernel-patches/2.6.19/patches/apparmor_security.patch

kernel-patches/2.6.19/patches/series

kernel-patches/2.6.19/postapply

kernel-patches/2.6.19/postapply/module

kernel-patches/2.6.19/postapply/module/series

kernel-patches/2.6.19/postapply/module/undo_2.6.20_mnt_namespace.patch

kernel-patches/2.6.20

kernel-patches/2.6.20/patches

kernel-patches/2.6.20/patches/apparmor_audit.patch

kernel-patches/2.6.20/patches/apparmor_namespacesem.patch

kernel-patches/2.6.20/patches/apparmor_security.patch

kernel-patches/2.6.20/patches/series

kernel-patches/README

kernel-patches/README.release

kernel-patches/README.snapshot

kernel-patches/for-mainline

kernel-patches/for-mainline/64bit-changehat.diff

kernel-patches/for-mainline/aa_alloc_task_context-flags.diff

kernel-patches/for-mainline/aa_get_profile.diff

kernel-patches/for-mainline/aa_is_confined.diff

kernel-patches/for-mainline/aa_switch.diff

kernel-patches/for-mainline/aa_task_context.diff

kernel-patches/for-mainline/aafs-perms.diff

kernel-patches/for-mainline/alloc-pathnames.diff

kernel-patches/for-mainline/apparmor-aa_permission.diff

kernel-patches/for-mainline/apparmor-aa_task_context.diff

kernel-patches/for-mainline/apparmor-audit-deadlock.diff

kernel-patches/for-mainline/apparmor-audit.diff

kernel-patches/for-mainline/apparmor-caps_cache.diff

kernel-patches/for-mainline/apparmor-d_namespace.diff

kernel-patches/for-mainline/apparmor-dir-rename-fix.diff

kernel-patches/for-mainline/apparmor-ditch-revalidation.diff

kernel-patches/for-mainline/apparmor-inode_symlink.diff

kernel-patches/for-mainline/apparmor-interface-revision.diff

kernel-patches/for-mainline/apparmor-intree.diff

kernel-patches/for-mainline/apparmor-no-nd.diff

kernel-patches/for-mainline/apparmor.diff

kernel-patches/for-mainline/apparmor_getprocattr.diff

kernel-patches/for-mainline/change_hat-comment.diff

kernel-patches/for-mainline/clarify-audit-status-handling.diff

kernel-patches/for-mainline/cleanup-aa_register-2.diff

kernel-patches/for-mainline/cleanup-aa_register.diff

kernel-patches/for-mainline/coding-style.diff

kernel-patches/for-mainline/comment-wrong.diff

kernel-patches/for-mainline/complain-to-learn.diff

kernel-patches/for-mainline/constrained-to-confined.diff

kernel-patches/for-mainline/d_namespace_path.diff

kernel-patches/for-mainline/d_path-lazy-unmounts.diff

kernel-patches/for-mainline/dfa-table-order.diff

kernel-patches/for-mainline/dir-leaf-nodes.diff

kernel-patches/for-mainline/export-profile-list.diff

kernel-patches/for-mainline/file-handle-ops-2.diff

kernel-patches/for-mainline/file-handle-ops.diff

kernel-patches/for-mainline/fix-aa_register.diff

kernel-patches/for-mainline/fix-capabilities.diff

kernel-patches/for-mainline/fix-change_hat-replacement.diff

kernel-patches/for-mainline/fix-cleanup-aa_register-2.diff

kernel-patches/for-mainline/fix-deleted-revalidation.diff

kernel-patches/for-mainline/fix-make-parent-point-to-itself.diff

kernel-patches/for-mainline/fix-rename-file-type-2.diff

kernel-patches/for-mainline/fix-rename-file-type.diff

kernel-patches/for-mainline/fix-tell-files-from-dirs.diff

kernel-patches/for-mainline/fix-unconfined-mmap.diff

kernel-patches/for-mainline/fix-vfs_rmdir.diff

kernel-patches/for-mainline/fix_apparmor_getprocattr.diff

kernel-patches/for-mainline/link-subset-check-2.diff

kernel-patches/for-mainline/link-subset-check.diff

kernel-patches/for-mainline/make-parent-point-to-itself.diff

kernel-patches/for-mainline/match-changes.diff

kernel-patches/for-mainline/match-features.diff

kernel-patches/for-mainline/misc-typos.diff

kernel-patches/for-mainline/mount-consistent-d_path.diff

kernel-patches/for-mainline/no-inline-aa_change_task_context.diff

kernel-patches/for-mainline/no-new-namespaces.diff

kernel-patches/for-mainline/no-unreachable-paths.diff

kernel-patches/for-mainline/notes.txt

kernel-patches/for-mainline/null_module

kernel-patches/for-mainline/null_module/Kbuild

kernel-patches/for-mainline/null_module/Makefile

kernel-patches/for-mainline/null_module/foobar-lsm.c

kernel-patches/for-mainline/overview.txt

kernel-patches/for-mainline/per-profile-task-contexts.diff

kernel-patches/for-mainline/proc_setattr.diff

kernel-patches/for-mainline/proc_sys_setattr.diff

kernel-patches/for-mainline/ptrace.diff

kernel-patches/for-mainline/put_task_context_safely.diff

kernel-patches/for-mainline/rcu-caps-cache-comment.diff

kernel-patches/for-mainline/rcu-document-lock_both_profiles.diff

kernel-patches/for-mainline/rcu-locking-docs.txt

kernel-patches/for-mainline/rcu-stale-forward-ptr-2.diff

kernel-patches/for-mainline/rcu-stale-forward-ptr.diff

kernel-patches/for-mainline/rcu-task-context-2.diff

kernel-patches/for-mainline/rcu-task-context-3.diff

kernel-patches/for-mainline/rcu-task-context-4.diff

kernel-patches/for-mainline/rcu-task-context-5.diff

kernel-patches/for-mainline/rcu-task-context.diff

kernel-patches/for-mainline/refactor-syscallreject.diff

kernel-patches/for-mainline/reintroduce-revalidation.diff

kernel-patches/for-mainline/remove-debug-flag.diff

kernel-patches/for-mainline/remove-iterators.diff

kernel-patches/for-mainline/remove_suid.diff

kernel-patches/for-mainline/rename-aa_fork.diff

kernel-patches/for-mainline/rename-aa_switch_to_profile.diff

kernel-patches/for-mainline/rename-aa_task_context-active.diff

kernel-patches/for-mainline/rename-activate-unpack.diff

kernel-patches/for-mainline/rename-audit_context.diff

kernel-patches/for-mainline/rename-ctx-to-cxt.diff

kernel-patches/for-mainline/rename-file-type.diff

kernel-patches/for-mainline/rename-get_aa_profile.diff

kernel-patches/for-mainline/rename-profile-lock.diff

kernel-patches/for-mainline/rename-put_aa_profile.diff

kernel-patches/for-mainline/rename-task_struct-vars.diff

kernel-patches/for-mainline/replace-activeptr.diff

kernel-patches/for-mainline/rework-locking-2.diff

kernel-patches/for-mainline/rework-locking.diff

kernel-patches/for-mainline/rewrite-profile-list-functions.diff

kernel-patches/for-mainline/security-create.diff

kernel-patches/for-mainline/security-getxattr.diff

kernel-patches/for-mainline/security-link.diff

kernel-patches/for-mainline/security-listxattr.diff

kernel-patches/for-mainline/security-mkdir.diff

kernel-patches/for-mainline/security-mknod.diff

kernel-patches/for-mainline/security-readlink.diff

kernel-patches/for-mainline/security-removexattr.diff

kernel-patches/for-mainline/security-rename.diff

kernel-patches/for-mainline/security-rmdir.diff

kernel-patches/for-mainline/security-setattr.diff

kernel-patches/for-mainline/security-setxattr.diff

kernel-patches/for-mainline/security-symlink.diff

kernel-patches/for-mainline/security-unlink.diff

kernel-patches/for-mainline/security-xattr-file.diff

kernel-patches/for-mainline/security_chroot.diff

kernel-patches/for-mainline/series

kernel-patches/for-mainline/shared.h-is-no-longer-shared.diff

kernel-patches/for-mainline/struct-flagval-not-needed.diff

kernel-patches/for-mainline/struct_path

kernel-patches/for-mainline/struct_path/series

kernel-patches/for-mainline/struct_path/struct_path-getattr-iop.diff

kernel-patches/for-mainline/struct_path/struct_path-nameidata.diff

kernel-patches/for-mainline/struct_path/struct_path-nfsfh.diff

kernel-patches/for-mainline/struct_path/struct_path-security-getattr.diff

kernel-patches/for-mainline/struct_path/struct_path-vfs_getattr.diff

kernel-patches/for-mainline/tell-files-from-dirs.diff

kernel-patches/for-mainline/typos.diff

kernel-patches/for-mainline/unlink.diff

kernel-patches/for-mainline/unreachabe-paths.diff

kernel-patches/for-mainline/vfs-getxattr.diff

kernel-patches/for-mainline/vfs-link.diff

kernel-patches/for-mainline/vfs-listxattr.diff

kernel-patches/for-mainline/vfs-mkdir.diff

kernel-patches/for-mainline/vfs-mknod.diff

kernel-patches/for-mainline/vfs-notify_change.diff

kernel-patches/for-mainline/vfs-removexattr.diff

kernel-patches/for-mainline/vfs-rename.diff

kernel-patches/for-mainline/vfs-rmdir.diff

kernel-patches/for-mainline/vfs-setxattr.diff

kernel-patches/for-mainline/vfs-symlink.diff

kernel-patches/for-mainline/vfs-unlink.diff

kernel-patches/for-mainline/warn-info-messages.diff

kernel-patches/for-mainline/zap-__setup.diff

kernel-patches/gen-k-patches.sh

module

module-deprecated

module-deprecated/Kbuild

module-deprecated/Kconfig

module-deprecated/Makefile

module-deprecated/aamatch

module-deprecated/aamatch/Kbuild

module-deprecated/aamatch/match.h

module-deprecated/aamatch/match_pcre.c

module-deprecated/aamatch/pcre_exec.c

module-deprecated/aamatch/pcre_exec.h

module-deprecated/aamatch/pcre_tables.h

module-deprecated/apparmor.h

module-deprecated/apparmor_version.c

module-deprecated/apparmorfs.c

module-deprecated/capabilities.c

module-deprecated/inline.h

module-deprecated/list.c

module-deprecated/lsm.c

module-deprecated/main.c

module-deprecated/module_interface.c

module-deprecated/module_interface.h

module-deprecated/procattr.c

module-deprecated/shared.h

module/apparmor

module/apparmor/Kbuild

module/apparmor/Kconfig

module/apparmor/Makefile

module/apparmor/apparmor.h

module/apparmor/apparmorfs.c

module/apparmor/capabilities.c

module/apparmor/inline.h

module/apparmor/list.c

module/apparmor/lsm.c

module/apparmor/main.c

module/apparmor/match

module/apparmor/match/Kbuild

module/apparmor/match/Makefile

module/apparmor/match/match.h

module/apparmor/match/match_default.c

module/apparmor/match/match_pcre.c

module/apparmor/match/pcre_exec.c

module/apparmor/match/pcre_exec.h

module/apparmor/match/pcre_tables.h

module/apparmor/module_interface.c

module/apparmor/module_interface.h

module/apparmor/procattr.c

module/apparmor/shared.h

parser

parser/COPYING.GPL

parser/Makefile

parser/README

parser/apparmor-parser.spec.in

parser/frob_slack_rc

parser/immunix.h

parser/libapparmor_re

parser/libapparmor_re/Makefile

parser/libapparmor_re/apparmor_re.h

parser/libapparmor_re/flex-tables.h

parser/libapparmor_re/regexp.h

parser/libapparmor_re/regexp.y

parser/parser.h

parser/parser_include.c

parser/parser_include.h

parser/parser_interface.c

parser/parser_lex.l

parser/parser_main.c

parser/parser_merge.c

parser/parser_misc.c

parser/parser_policy.c

parser/parser_regex.c

parser/parser_symtab.c

parser/parser_variable.c

parser/parser_yacc.y

parser/pcre

parser/pcre/Makefile

parser/pcre/chartables.c

parser/pcre/config.h

parser/pcre/internal.h

parser/pcre/pcre.c

parser/pcre/pcre.h

parser/po

parser/po/Makefile

parser/po/ar.po

parser/po/bg.po

parser/po/bn.po

parser/po/bs.po

parser/po/ca.po

parser/po/cs.po

parser/po/cy.po

parser/po/da.po

parser/po/de.po

parser/po/el.po

parser/po/en_GB.po

parser/po/en_US.po

parser/po/es.po

parser/po/et.po

parser/po/fi.po

parser/po/fr.po

parser/po/gl.po

parser/po/he.po

parser/po/hi.po

parser/po/hr.po

parser/po/hu.po

parser/po/id.po

parser/po/it.po

parser/po/ja.po

parser/po/ka.po

parser/po/km.po

parser/po/ko.po

parser/po/lo.po

parser/po/lt.po

parser/po/mk.po

parser/po/nb.po

parser/po/nl.po

parser/po/pa.po

parser/po/pl.po

parser/po/pt.po

parser/po/pt_BR.po

parser/po/ro.po

parser/po/ru.po

parser/po/sk.po

parser/po/sl.po

parser/po/sr.po

parser/po/subdomain_parser.pot

parser/po/sv.po

parser/po/ta.po

parser/po/tr.po

parser/po/uk.po

parser/po/vi.po

parser/po/zh_CN.po

parser/po/zh_TW.po

parser/rc.aaeventd.redhat

parser/rc.aaeventd.suse

parser/rc.apparmor.debian

parser/rc.apparmor.functions

parser/rc.apparmor.redhat

parser/rc.apparmor.slackware

parser/rc.apparmor.suse

parser/subdomain.conf

parser/tst

parser/tst/Makefile

parser/tst/README

parser/tst/simple.pl

parser/tst/simple_tests

parser/tst/simple_tests/boolean_bad_1.sd

parser/tst/simple_tests/boolean_bad_2.sd

parser/tst/simple_tests/boolean_bad_3.sd

parser/tst/simple_tests/boolean_bad_4.sd

parser/tst/simple_tests/boolean_bad_5.sd

parser/tst/simple_tests/boolean_bad_6.sd

parser/tst/simple_tests/boolean_bad_7.sd

parser/tst/simple_tests/boolean_bad_8.sd

parser/tst/simple_tests/boolean_good_1.sd

parser/tst/simple_tests/capabilities_ok.sd

parser/tst/simple_tests/change_hat_new_style1.sd

parser/tst/simple_tests/change_hat_new_style2.sd

parser/tst/simple_tests/change_hat_old_style1.sd

parser/tst/simple_tests/change_hat_old_style2.sd

parser/tst/simple_tests/change_hat_old_style3.sd

parser/tst/simple_tests/conditional-else-if-1.sd

parser/tst/simple_tests/conditional-else-if-2.sd

parser/tst/simple_tests/conditional-else-if-3.sd

parser/tst/simple_tests/conditional-else-if-4.sd

parser/tst/simple_tests/conditional-else-if-5.sd

parser/tst/simple_tests/conditional-else-if-6.sd

parser/tst/simple_tests/conditional-else-if-7.sd

parser/tst/simple_tests/conditional-else-if-8.sd

parser/tst/simple_tests/conditional_bad_1.sd

parser/tst/simple_tests/conditional_bad_2.sd

parser/tst/simple_tests/conditional_bad_3.sd

parser/tst/simple_tests/conditional_bad_dupe_hats_1.sd

parser/tst/simple_tests/conditional_bad_dupe_hats_2.sd

parser/tst/simple_tests/conditional_defined_1.sd

parser/tst/simple_tests/conditional_defined_2.sd

parser/tst/simple_tests/conditional_else_1.sd

parser/tst/simple_tests/conditional_else_2.sd

parser/tst/simple_tests/conditional_else_3.sd

parser/tst/simple_tests/conditional_else_bad_1.sd

parser/tst/simple_tests/conditional_else_bad_2.sd

parser/tst/simple_tests/conditional_good_1.sd

parser/tst/simple_tests/conditional_good_2.sd

parser/tst/simple_tests/conditional_good_3.sd

parser/tst/simple_tests/conditional_good_4.sd

parser/tst/simple_tests/conditional_good_5.sd

parser/tst/simple_tests/conditional_good_6.sd

parser/tst/simple_tests/conditional_good_7.sd

parser/tst/simple_tests/conditional_good_8.sd

parser/tst/simple_tests/conditional_good_9.sd

parser/tst/simple_tests/conditional_stress_1.sd

parser/tst/simple_tests/dos_line_endings.sd

parser/tst/simple_tests/flags_bad.sd

parser/tst/simple_tests/flags_bad2.sd

parser/tst/simple_tests/flags_bad3.sd

parser/tst/simple_tests/flags_bad4.sd

parser/tst/simple_tests/flags_hats_ok.sd

parser/tst/simple_tests/flags_ok.sd

parser/tst/simple_tests/flags_ok_whitespace.sd

parser/tst/simple_tests/includes

parser/tst/simple_tests/includes/base

parser/tst/simple_tests/includes/fonts

parser/tst/simple_tests/includes_bad_include.sd

parser/tst/simple_tests/includes_bad_include2.sd

parser/tst/simple_tests/includes_bad_include3.sd

parser/tst/simple_tests/includes_bad_include4.sd

parser/tst/simple_tests/includes_okay.sd

parser/tst/simple_tests/includes_okay2.sd

parser/tst/simple_tests/includes_okay3.sd

parser/tst/simple_tests/includes_okay_helper.include

parser/tst/simple_tests/includes_recursive.sd

parser/tst/simple_tests/profile_basic_ok1.sd

parser/tst/simple_tests/profiles_dupe_1.sd

parser/tst/simple_tests/profiles_dupe_2.sd

parser/tst/simple_tests/profiles_dupe_3.sd

parser/tst/simple_tests/simple_bad_conflicting_x_1.sd

parser/tst/simple_tests/simple_bad_conflicting_x_10.sd

parser/tst/simple_tests/simple_bad_conflicting_x_11.sd

parser/tst/simple_tests/simple_bad_conflicting_x_12.sd

parser/tst/simple_tests/simple_bad_conflicting_x_13.sd

parser/tst/simple_tests/simple_bad_conflicting_x_14.sd

parser/tst/simple_tests/simple_bad_conflicting_x_15.sd

parser/tst/simple_tests/simple_bad_conflicting_x_2.sd

parser/tst/simple_tests/simple_bad_conflicting_x_3.sd

parser/tst/simple_tests/simple_bad_conflicting_x_4.sd

parser/tst/simple_tests/simple_bad_conflicting_x_5.sd

parser/tst/simple_tests/simple_bad_conflicting_x_6.sd

parser/tst/simple_tests/simple_bad_conflicting_x_7.sd

parser/tst/simple_tests/simple_bad_conflicting_x_8.sd

parser/tst/simple_tests/simple_bad_conflicting_x_9.sd

parser/tst/simple_tests/simple_bad_embedded_spaces_1.sd

parser/tst/simple_tests/simple_bad_hat_parsing.sd

parser/tst/simple_tests/simple_bad_no_bare_x.sd

parser/tst/simple_tests/simple_bad_no_close_brace1.sd

parser/tst/simple_tests/simple_bad_no_close_brace2.sd

parser/tst/simple_tests/simple_bad_no_close_brace3.sd

parser/tst/simple_tests/simple_bad_no_close_brace4.sd

parser/tst/simple_tests/simple_bad_no_opening_brace1.sd

parser/tst/simple_tests/simple_bad_no_program_name.sd

parser/tst/simple_tests/simple_bad_nomode.sd

parser/tst/simple_tests/simple_ok_embedded_spaces_1.sd

parser/tst/simple_tests/simple_ok_embedded_spaces_2.sd

parser/tst/simple_tests/simple_ok_embedded_spaces_3.sd

parser/tst/simple_tests/simple_ok_mmap_1.sd

parser/tst/simple_tests/simple_ok_mmap_2.sd

parser/tst/simple_tests/simple_ok_no_rules.sd

parser/tst/simple_tests/tcp_bad_interface.sd

parser/tst/simple_tests/tcp_client_error1.sd

parser/tst/simple_tests/tcp_client_error2.sd

parser/tst/simple_tests/tcp_client_error3.sd

parser/tst/simple_tests/tcp_client_error4.sd

parser/tst/simple_tests/tcp_client_error5.sd

parser/tst/simple_tests/tcp_client_error6.sd

parser/tst/simple_tests/tcp_client_error7.sd

parser/tst/simple_tests/tcp_client_ok1.sd

parser/tst/simple_tests/tcp_client_ok2.sd

parser/tst/simple_tests/tcp_client_ok3.sd

parser/tst/simple_tests/tcp_client_ok4.sd

parser/tst/simple_tests/tcp_client_ok5.sd

parser/tst/simple_tests/tcp_server_ok1.sd

parser/tst/simple_tests/tcp_server_ok2.sd

parser/tst/simple_tests/tcp_server_ok3.sd

parser/tst/simple_tests/tcp_server_ok4.sd

parser/tst/simple_tests/test1.sd

parser/tst/simple_tests/test3.sd

parser/tst/simple_tests/vars_assignment_reference_1.sd

parser/tst/simple_tests/vars_file_evaluation_1.sd

parser/tst/simple_tests/vars_file_evaluation_10.sd

parser/tst/simple_tests/vars_file_evaluation_11.sd

parser/tst/simple_tests/vars_file_evaluation_12.sd

parser/tst/simple_tests/vars_file_evaluation_13.sd

parser/tst/simple_tests/vars_file_evaluation_14.sd

parser/tst/simple_tests/vars_file_evaluation_2.sd

parser/tst/simple_tests/vars_file_evaluation_3.sd

parser/tst/simple_tests/vars_file_evaluation_4.sd

parser/tst/simple_tests/vars_file_evaluation_5.sd

parser/tst/simple_tests/vars_file_evaluation_6.sd

parser/tst/simple_tests/vars_file_evaluation_7.sd

parser/tst/simple_tests/vars_file_evaluation_8.sd

parser/tst/simple_tests/vars_file_evaluation_9.sd

parser/tst/simple_tests/vars_reassignment_1.sd

parser/tst/simple_tests/vars_recursion_1.sd

parser/tst/simple_tests/vars_recursion_2.sd

parser/tst/simple_tests/vars_recursion_3.sd

parser/tst/simple_tests/vars_recursion_4.sd

parser/tst/simple_tests/vars_simple_assignment_1.sd

parser/tst/simple_tests/vars_simple_assignment_10.sd

parser/tst/simple_tests/vars_simple_assignment_11.sd

parser/tst/simple_tests/vars_simple_assignment_12.sd

parser/tst/simple_tests/vars_simple_assignment_2.sd

parser/tst/simple_tests/vars_simple_assignment_3.sd

parser/tst/simple_tests/vars_simple_assignment_4.sd

parser/tst/simple_tests/vars_simple_assignment_5.sd

parser/tst/simple_tests/vars_simple_assignment_6.sd

parser/tst/simple_tests/vars_simple_assignment_7.sd

parser/tst/simple_tests/vars_simple_assignment_8.sd

parser/tst/simple_tests/vars_simple_assignment_9.sd

parser/tst/simple_tests/vars_stress_01.sd

parser/tst/simple_tests/vars_stress_02.sd

parser/tst/simple_tests/vars_stress_03.sd

parser/tst/uservars.conf

profiles

profiles/Makefile

profiles/abstractions

profiles/abstractions/X

profiles/abstractions/audio

profiles/abstractions/authentication

profiles/abstractions/base

profiles/abstractions/bash

profiles/abstractions/consoles

profiles/abstractions/fonts

profiles/abstractions/gnome

profiles/abstractions/kde

profiles/abstractions/kerberosclient

profiles/abstractions/mdns

profiles/abstractions/mysql

profiles/abstractions/nameservice

profiles/abstractions/nis

profiles/abstractions/perl

profiles/abstractions/php5

profiles/abstractions/python

profiles/abstractions/ruby

profiles/abstractions/svn-repositories

profiles/abstractions/user-download

profiles/abstractions/user-mail

profiles/abstractions/user-manpages

profiles/abstractions/user-tmp

profiles/abstractions/user-write

profiles/abstractions/web-data

profiles/abstractions/winbind

profiles/abstractions/wutmp

profiles/abstractions/xad

profiles/apparmor-profiles.spec.in

profiles/enabled

profiles/enabled/bin.ping

profiles/enabled/sbin.klogd

profiles/enabled/sbin.syslog-ng

profiles/enabled/sbin.syslogd

profiles/enabled/usr.sbin.identd

profiles/enabled/usr.sbin.mdnsd

profiles/enabled/usr.sbin.named

profiles/enabled/usr.sbin.nscd

profiles/enabled/usr.sbin.ntpd

profiles/enabled/usr.sbin.traceroute

profiles/extras

profiles/extras/README

profiles/extras/bin.netstat

profiles/extras/etc.cron.daily.logrotate

profiles/extras/etc.cron.daily.slocate.cron

profiles/extras/etc.cron.daily.tmpwatch

profiles/extras/opt.gnome.bin.evolution-2.4

profiles/extras/opt.gnome.bin.gaim

profiles/extras/opt.gnome.lib.GConf.2.gconfd-2

profiles/extras/opt.gnome.lib.bonobo.bonobo-activation-server

profiles/extras/opt.gnome.lib.evolution-data-server-1.2.evolution-data-server-1.4

profiles/extras/sbin.dhclient

profiles/extras/sbin.dhcpcd

profiles/extras/sbin.portmap

profiles/extras/sbin.resmgrd

profiles/extras/sbin.rpc.lockd

profiles/extras/sbin.rpc.statd

profiles/extras/usr.NX.bin.nxclient

profiles/extras/usr.X11R6.bin.acroread

profiles/extras/usr.X11R6.bin.ethereal

profiles/extras/usr.X11R6.bin.xfs

profiles/extras/usr.bin.apropos

profiles/extras/usr.bin.fam

profiles/extras/usr.bin.freshclam

profiles/extras/usr.bin.man

profiles/extras/usr.bin.mlmmj-bounce

profiles/extras/usr.bin.mlmmj-maintd

profiles/extras/usr.bin.mlmmj-make-ml.sh

profiles/extras/usr.bin.mlmmj-process

profiles/extras/usr.bin.mlmmj-recieve

profiles/extras/usr.bin.mlmmj-send

profiles/extras/usr.bin.mlmmj-sub

profiles/extras/usr.bin.mlmmj-unsub

profiles/extras/usr.bin.opera

profiles/extras/usr.bin.passwd

profiles/extras/usr.bin.procmail

profiles/extras/usr.bin.spamc

profiles/extras/usr.bin.svnserve

profiles/extras/usr.lib.RealPlayer10.realplay

profiles/extras/usr.lib.firefox.firefox-bin

profiles/extras/usr.lib.firefox.firefox.sh

profiles/extras/usr.lib.firefox.mozilla-xremote-client

profiles/extras/usr.lib.man-db.man

profiles/extras/usr.lib.openldap.slapd

profiles/extras/usr.lib.postfix.anvil

profiles/extras/usr.lib.postfix.bounce

profiles/extras/usr.lib.postfix.cleanup

profiles/extras/usr.lib.postfix.discard

profiles/extras/usr.lib.postfix.error

profiles/extras/usr.lib.postfix.flush

profiles/extras/usr.lib.postfix.lmtp

profiles/extras/usr.lib.postfix.local

profiles/extras/usr.lib.postfix.master

profiles/extras/usr.lib.postfix.nqmgr

profiles/extras/usr.lib.postfix.oqmgr

profiles/extras/usr.lib.postfix.pickup

profiles/extras/usr.lib.postfix.pipe

profiles/extras/usr.lib.postfix.proxymap

profiles/extras/usr.lib.postfix.qmgr

profiles/extras/usr.lib.postfix.qmqpd

profiles/extras/usr.lib.postfix.scache

profiles/extras/usr.lib.postfix.showq

profiles/extras/usr.lib.postfix.smtp

profiles/extras/usr.lib.postfix.smtpd

profiles/extras/usr.lib.postfix.spawn

profiles/extras/usr.lib.postfix.tlsmgr

profiles/extras/usr.lib.postfix.trivial-rewrite

profiles/extras/usr.lib.postfix.verify

profiles/extras/usr.lib.postfix.virtual

profiles/extras/usr.sbin.dhcpd

profiles/extras/usr.sbin.httpd2-prefork

profiles/extras/usr.sbin.imapd

profiles/extras/usr.sbin.in.fingerd

profiles/extras/usr.sbin.in.ftpd

profiles/extras/usr.sbin.in.ntalkd

profiles/extras/usr.sbin.ipop2d

profiles/extras/usr.sbin.ipop3d

profiles/extras/usr.sbin.lighttpd

profiles/extras/usr.sbin.mysqld

profiles/extras/usr.sbin.nmbd

profiles/extras/usr.sbin.oidentd

profiles/extras/usr.sbin.popper

profiles/extras/usr.sbin.postalias

profiles/extras/usr.sbin.postdrop

profiles/extras/usr.sbin.postmap

profiles/extras/usr.sbin.postqueue

profiles/extras/usr.sbin.sendmail

profiles/extras/usr.sbin.sendmail.postfix

profiles/extras/usr.sbin.sendmail.sendmail

profiles/extras/usr.sbin.smbd

profiles/extras/usr.sbin.spamd

profiles/extras/usr.sbin.squid

profiles/extras/usr.sbin.sshd

profiles/extras/usr.sbin.useradd

profiles/extras/usr.sbin.userdel

profiles/extras/usr.sbin.vsftpd

profiles/extras/usr.sbin.xinetd

profiles/profiles.exclude

profiles/program-chunks

profiles/program-chunks-disabled

profiles/program-chunks-disabled/apache-default-uri

profiles/program-chunks-disabled/mozilla

profiles/program-chunks-disabled/rsync

profiles/program-chunks-disabled/user-abiword-docs

profiles/program-chunks-disabled/user-acroread

profiles/program-chunks-disabled/user-bash

profiles/program-chunks-disabled/user-ee

profiles/program-chunks-disabled/user-ethereal

profiles/program-chunks-disabled/user-evolution

profiles/program-chunks-disabled/user-fetchmail

profiles/program-chunks-disabled/user-gconf

profiles/program-chunks-disabled/user-gnupg

profiles/program-chunks-disabled/user-irssi

profiles/program-chunks-disabled/user-mail-executables

profiles/program-chunks-disabled/user-mozilla

profiles/program-chunks-disabled/user-rcommands

profiles/program-chunks-disabled/user-samba

profiles/program-chunks-disabled/user-spamassassin

profiles/program-chunks-disabled/user-spamd

profiles/program-chunks-disabled/user-telnetd

profiles/program-chunks-disabled/user-w3m

profiles/program-chunks-disabled/user-xmms

profiles/program-chunks/postfix-common

profiles/tunables

profiles/tunables/global

profiles/tunables/home

tests

tests/regression

tests/regression/distro

tests/regression/distro/sshd.t

tests/regression/subdomain

tests/regression/subdomain/AppArmor.rtf

tests/regression/subdomain/Makefile

tests/regression/subdomain/README

tests/regression/subdomain/TODO

tests/regression/subdomain/TODO/clone.c

tests/regression/subdomain/TODO/clone.sh

tests/regression/subdomain/TODO/exec_i.c

tests/regression/subdomain/TODO/exec_i.sh

tests/regression/subdomain/TODO/exec_u.c

tests/regression/subdomain/TODO/exec_u.sh

tests/regression/subdomain/TODO/fd-over-unix

tests/regression/subdomain/TODO/globbing

tests/regression/subdomain/TODO/kill.c

tests/regression/subdomain/TODO/kill.sh

tests/regression/subdomain/TODO/pread

tests/regression/subdomain/TODO/readv

tests/regression/subdomain/TODO/sendfile

tests/regression/subdomain/TODO/syscall_others.c

tests/regression/subdomain/TODO/zombie.c

tests/regression/subdomain/TODO/zombie.sh

tests/regression/subdomain/access.c

tests/regression/subdomain/access.sh

tests/regression/subdomain/capabilities.sh

tests/regression/subdomain/changehat.c

tests/regression/subdomain/changehat.h

tests/regression/subdomain/changehat.sh

tests/regression/subdomain/changehat_fail.c

tests/regression/subdomain/changehat_fork.c

tests/regression/subdomain/changehat_fork.sh

tests/regression/subdomain/changehat_misc.c

tests/regression/subdomain/changehat_misc.sh

tests/regression/subdomain/changehat_misc2.c

tests/regression/subdomain/changehat_pthread.c

tests/regression/subdomain/changehat_twice.c

tests/regression/subdomain/changehat_wrapper.c

tests/regression/subdomain/chdir.c

tests/regression/subdomain/chdir.sh

tests/regression/subdomain/chgrp.c

tests/regression/subdomain/chmod.c

tests/regression/subdomain/chown.c

tests/regression/subdomain/clone.c

tests/regression/subdomain/clone.sh

tests/regression/subdomain/coredump.c

tests/regression/subdomain/coredump.sh

tests/regression/subdomain/deleted.c

tests/regression/subdomain/deleted.sh

tests/regression/subdomain/dropprivs_wrapper.c

tests/regression/subdomain/env_check.c

tests/regression/subdomain/env_check.sh

tests/regression/subdomain/environ.c

tests/regression/subdomain/environ.sh

tests/regression/subdomain/epilogue.inc

tests/regression/subdomain/exec.c

tests/regression/subdomain/exec.sh

tests/regression/subdomain/exec_qual.c

tests/regression/subdomain/exec_qual.sh

tests/regression/subdomain/exec_qual2.c

tests/regression/subdomain/fchgrp.c

tests/regression/subdomain/fchmod.c

tests/regression/subdomain/fchown.c

tests/regression/subdomain/for-mainline

tests/regression/subdomain/for-mainline/chroot_d_namespace.patch

tests/regression/subdomain/for-mainline/confined.patch

tests/regression/subdomain/for-mainline/deleted-open-revalidate.patch

tests/regression/subdomain/for-mainline/deleted_no_revalidation-pass.patch

tests/regression/subdomain/for-mainline/dir-files.patch

tests/regression/subdomain/for-mainline/exec_qual.patch

tests/regression/subdomain/for-mainline/link_perms.patch

tests/regression/subdomain/for-mainline/ptrace.patch

tests/regression/subdomain/for-mainline/series

tests/regression/subdomain/for-mainline/vfs-mnt.patch

tests/regression/subdomain/fork.c

tests/regression/subdomain/fork.sh

tests/regression/subdomain/i18n.sh

tests/regression/subdomain/link.c

tests/regression/subdomain/link.sh

tests/regression/subdomain/longpath.sh

tests/regression/subdomain/mkdir.c

tests/regression/subdomain/mkdir.sh

tests/regression/subdomain/mkprofile.pl

tests/regression/subdomain/mmap.c

tests/regression/subdomain/mmap.sh

tests/regression/subdomain/mount.c

tests/regression/subdomain/mount.sh

tests/regression/subdomain/mult_mount.sh

tests/regression/subdomain/named_pipe.c

tests/regression/subdomain/named_pipe.sh

tests/regression/subdomain/net_raw.c

tests/regression/subdomain/net_raw.sh

tests/regression/subdomain/netdomain

tests/regression/subdomain/netdomain/README

tests/regression/subdomain/netdomain/config

tests/regression/subdomain/netdomain/config/default.exp

tests/regression/subdomain/netdomain/config/unix.exp

tests/regression/subdomain/netdomain/config/unknown.exp

tests/regression/subdomain/netdomain/lib

tests/regression/subdomain/netdomain/lib/netdomain_init.exp

tests/regression/subdomain/netdomain/netdomain.test

tests/regression/subdomain/netdomain/netdomain.test/multi_test.exp

tests/regression/subdomain/netdomain/test_multi

tests/regression/subdomain/netdomain/test_multi/output

tests/regression/subdomain/netdomain/test_multi/output/tcp_accept.receive.out

tests/regression/subdomain/netdomain/test_multi/output/tcp_accept.send.out

tests/regression/subdomain/netdomain/test_multi/output/tcp_connect.receive.out

tests/regression/subdomain/netdomain/test_multi/output/tcp_connect.send.out

tests/regression/subdomain/netdomain/test_multi/output/udp_receive.receive.out

tests/regression/subdomain/netdomain/test_multi/output/udp_receive.send.out

tests/regression/subdomain/netdomain/test_multi/output/udp_send.receive.out

tests/regression/subdomain/netdomain/test_multi/output/udp_send.send.out

tests/regression/subdomain/netdomain/test_multi/tcp_accept.testcase

tests/regression/subdomain/netdomain/test_multi/tcp_connect.testcase

tests/regression/subdomain/netdomain/test_multi/test_multi.generic-profile

tests/regression/subdomain/netdomain/test_multi/udp_receive.testcase

tests/regression/subdomain/netdomain/test_multi/udp_send.testcase

tests/regression/subdomain/netdomain/test_multi_receive.c

tests/regression/subdomain/netdomain/test_multi_send.c

tests/regression/subdomain/open.c

tests/regression/subdomain/open.sh

tests/regression/subdomain/openat.c

tests/regression/subdomain/openat.sh

tests/regression/subdomain/owlsm.sh

tests/regression/subdomain/pipe.c

tests/regression/subdomain/pipe.sh

tests/regression/subdomain/prologue.inc

tests/regression/subdomain/ptrace.c

tests/regression/subdomain/ptrace.sh

tests/regression/subdomain/ptrace_helper.c

tests/regression/subdomain/pwrite.c

tests/regression/subdomain/pwrite.sh

tests/regression/subdomain/readdir.c

tests/regression/subdomain/readdir.sh

tests/regression/subdomain/regex.sh

tests/regression/subdomain/rename.c

tests/regression/subdomain/rename.sh

tests/regression/subdomain/rw.c

tests/regression/subdomain/rw.sh

tests/regression/subdomain/scripts

tests/regression/subdomain/scripts/make_tar.sh

tests/regression/subdomain/scripts/pull_metadata.pl

tests/regression/subdomain/sd_flags.sh

tests/regression/subdomain/setattr.sh

tests/regression/subdomain/strace.sh

tests/regression/subdomain/swap.c

tests/regression/subdomain/swap.sh

tests/regression/subdomain/symlink.c

tests/regression/subdomain/symlink.sh

tests/regression/subdomain/syscall.sh

tests/regression/subdomain/syscall_chroot.c

tests/regression/subdomain/syscall_ioperm.c

tests/regression/subdomain/syscall_iopl.c

tests/regression/subdomain/syscall_mknod.c

tests/regression/subdomain/syscall_mlockall.c

tests/regression/subdomain/syscall_ptrace.c

tests/regression/subdomain/syscall_query_module.c

tests/regression/subdomain/syscall_reboot.c

tests/regression/subdomain/syscall_setdomainname.c

tests/regression/subdomain/syscall_sethostname.c

tests/regression/subdomain/syscall_setpriority.c

tests/regression/subdomain/syscall_setscheduler.c

tests/regression/subdomain/syscall_sysctl.c

tests/regression/subdomain/tcp.c

tests/regression/subdomain/tcp.sh

tests/regression/subdomain/unix_fd_client.c

tests/regression/subdomain/unix_fd_server.c

tests/regression/subdomain/unix_fd_server.sh

tests/regression/subdomain/unlink.c

tests/regression/subdomain/unlink.sh

tests/regression/subdomain/uservars.inc

tests/regression/subdomain/xattrs.c

tests/regression/subdomain/xattrs.sh

tests/stress

tests/stress/subdomain

tests/stress/subdomain/Makefile

tests/stress/subdomain/change_hat.c

tests/stress/subdomain/change_hat.profile.pre

tests/stress/subdomain/child.c

tests/stress/subdomain/child.profile.pre

tests/stress/subdomain/kill.sh

tests/stress/subdomain/open.c

tests/stress/subdomain/open.profile.pre

tests/stress/subdomain/s-2.4.20.sh

tests/stress/subdomain/s.sh

tests/stress/subdomain/sh.profile.pre

tests/stress/subdomain/stress.sh

tests/stress/subdomain/stress.sh-2.4.20

tests/stress/subdomain/uservars.inc

utils

utils/Makefile

utils/Reports.pm

utils/Severity.pm

utils/SubDomain.pm

utils/aa-eventd

utils/apparmor-utils.spec.in

utils/apparmor.vim

utils/apparmor_status

utils/audit

utils/autodep

utils/complain

utils/enforce

utils/genprof

utils/logprof

utils/logprof.conf

utils/po

utils/po/Makefile

utils/po/ar.po

utils/po/bg.po

utils/po/bn.po

utils/po/bs.po

utils/po/ca.po

utils/po/cs.po

utils/po/cy.po

utils/po/da.po

utils/po/de.po

utils/po/el.po

utils/po/en_GB.po

utils/po/en_US.po

utils/po/es.po

utils/po/et.po

utils/po/fi.po

utils/po/fr.po

utils/po/gl.po

utils/po/he.po

utils/po/hi.po

utils/po/hr.po

utils/po/hu.po

utils/po/id.po

utils/po/it.po

utils/po/ja.po

utils/po/ka.po

utils/po/km.po

utils/po/ko.po

utils/po/lo.po

utils/po/lt.po

utils/po/mk.po

utils/po/nb.po

utils/po/nl.po

utils/po/pa.po

utils/po/pl.po

utils/po/pt.po

utils/po/pt_BR.po

utils/po/pt_PT.po

utils/po/ro.po

utils/po/ru.po

utils/po/sk.po

utils/po/sl.po

utils/po/sr.po

utils/po/sv.po

utils/po/ta.po

utils/po/tr.po

utils/po/uk.po

utils/po/vi.po

utils/po/zh_CN.po

utils/po/zh_TW.po

utils/rc.sd-event-dispatch.suse

utils/repair_obsolete_profiles

utils/severity.db

utils/severity.pl

utils/unconfined

Show diffs side-by-side

added added

removed removed

kernel-patches/for-mainline/apparmor-inode_symlink.diff

Add missing inode_symlink hook

The lsm is missing the inode_symlink hook. Symlinks should be

treated like file creates, i.e., check for profile write access.

Index: b/security/apparmor/lsm.c

===================================================================

--- a/security/apparmor/lsm.c

+++ b/security/apparmor/lsm.c

@@ -341,6 +341,26 @@ out:

return error;

}

+static int apparmor_inode_symlink(struct inode *dir, struct dentry *dentry,

+ struct vfsmount *mnt, const char *old_name)

+ struct aa_profile *active;

+ int error = 0;

+ if (!mnt || !mediated_filesystem(dir))

+ goto out;

+ active = get_active_aa_profile();

+ if (active)

+ error = aa_perm(active, dentry, mnt, MAY_WRITE);

+ put_aa_profile(active);

+out:

+ return error;

static int apparmor_inode_mknod(struct inode *dir, struct dentry *dentry,

struct vfsmount *mnt, int mode, dev_t dev)

{

@@ -791,6 +811,7 @@ struct security_operations apparmor_ops

.inode_create = apparmor_inode_create,

.inode_link = apparmor_inode_link,

.inode_unlink = apparmor_inode_unlink,

+ .inode_symlink = apparmor_inode_symlink,

.inode_mknod = apparmor_inode_mknod,

.inode_rename = apparmor_inode_rename,

.inode_permission = apparmor_inode_permission,

Older »