TWxSoftware/twx-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e20eaa2382
twx-linux/security
History
Linus Torvalds 80c094a47d Revert "apparmor: add base infastructure for socket mediation" 
This reverts commit 651e28c5537abb39076d3949fb7618536f1d242e.

This caused a regression:
 "The specific problem is that dnsmasq refuses to start on openSUSE Leap
  42.2.  The specific cause is that and attempt to open a PF_LOCAL socket
  gets EACCES.  This means that networking doesn't function on a system
  with a 4.14-rc2 system."

Sadly, the developers involved seemed to be in denial for several weeks
about this, delaying the revert.  This has not been a good release for
the security subsystem, and this area needs to change development
practices.

Reported-and-bisected-by: James Bottomley <James.Bottomley@hansenpartnership.com>
Tracked-by: Thorsten Leemhuis <regressions@leemhuis.info>
Cc: John Johansen <john.johansen@canonical.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-10-26 19:35:35 +02:00
..
apparmor Revert "apparmor: add base infastructure for socket mediation" 2017-10-26 19:35:35 +02:00
integrity Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2017-07-05 11:26:35 -07:00
keys KEYS: load key flags and expiry time atomically in proc_keys_show() 2017-10-18 09:12:41 +01:00
loadpin security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
selinux selinux/stable-4.14 PR 20170831 2017-09-12 13:21:00 -07:00
smack lsm: fix smack_inode_removexattr and xattr_getsecurity memleak 2017-10-04 18:03:15 +11:00
tomoyo exec: Rename bprm->cred_prepared to called_set_creds 2017-08-01 12:02:48 -07:00
yama doc: ReSTify Yama.txt 2017-05-18 10:33:04 -06:00
commoncap.c commoncap: move assignment of fs_ns to avoid null pointer dereference 2017-10-19 13:09:33 +11:00
device_cgroup.c
inode.c securityfs: add the ability to support symlinks 2017-06-08 12:51:43 -07:00
Kconfig include/linux/string.h: add the option of fortified string.h functions 2017-07-12 16:26:03 -07:00
lsm_audit.c lsm_audit: update my email address 2017-08-17 15:33:39 -04:00
Makefile LSM: LoadPin for kernel file loading restrictions 2016-04-21 10:47:27 +10:00
min_addr.c
security.c selinux/stable-4.14 PR 20170831 2017-09-12 13:21:00 -07:00