The Linux Security Modules project provides a lightweight, general purpose framework for access control. The LSM interface enables security policies to be developed as loadable kernel modules. See http://lsm.immunix.org for more information. 2.4.20 lsm patch released. This is includes bugfixes and merging up to the current stable 2.4 Linux tree, as well as interface changes. There is one known bug with nfsd's filp allocation in nfsd_open. Full lsm-2.4 patch (LSM + all modules) is available at: http://lsm.immunix.org/patches/2.4/2.4.20/patch-2.4.20-lsm1.gz The whole ChangeLog for this release is at: http://lsm.immunix.org/patches/2.4/2.4.20/ChangeLog-2.4.20-lsm1 The LSM 2.4 stable BK tree can be pulled from: bk://lsm.bkbits.net/lsm-2.4 2.4.20-lsm1 - merge up through 2.4.20 (me) - SELinux: - Assign an initial SID to SCMP packets. (Wayne Salamon) - Handle inodes allocated by AFS, Selopt macro fix (Stephen Smalley) - Synchronize inode security structure initializations (Stephen Smalley) - Selopt __exit fixes. (Stephen Smalley) - inode_precondition cleanups (Stephen Smalley) - fixed bug in auditing code (Stephen Smalley) - sysctl hook change to use genfs_contexts (Stephen Smalley) - Selopt bug fixes (Wayne Salamon) - ipc_permission fixes (Stephen Smalley) - various bug fixes and code cleanup (Stephen Smalley) - Add hook to init_private_file/release_private_file (Stephen Smalley) - Add TCP open_request hooks (Wayne Salamon) - Added gfp_mask param to skb_alloc_security() hook (James Morris) - Added sb_kern_mount hook to do_kern_mount (Stephen Smalley) - Added tcp_create_openreq hook (Wayne Salamon) - Fix dnotify_struct leak (John Levon) thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Dec 19 2002 - 19:35:40 PST