summaryrefslogtreecommitdiff
path: root/src/selinux.c
Commit message (Expand)AuthorAgeFilesLines
* Avoid calling isatty()/ttyname() on std{in,out,err} if not a char dev.Todd C. Miller2023-04-181-1/+1
* Use getopt() and getopt_long() for sesh command line options.Todd C. Miller2022-10-101-17/+18
* Defer chdir(2) until sesh when running with SELinux.Todd C. Miller2022-08-011-3/+15
* Make sudo pass -Wwrite-stringsTodd C. Miller2022-06-281-2/+5
* Enable intercept and log_subcmds for SELinux using ptrace and seccomp.Todd C. Miller2022-04-291-4/+6
* Back out changes to enable SELinux by default.Todd C. Miller2021-12-221-34/+19
* Rename selinux_setcon -> selinux_setexecconTodd C. Miller2021-11-051-4/+4
* In the SELinux role is "unconfined_r", disable SELinux support.Todd C. Miller2021-11-051-5/+18
* Separate out the code to compute the context from selinux_setup().Todd C. Miller2021-11-051-52/+37
* Pass status of selinux sudoers setting to front-end as selinux-rbac.Todd C. Miller2021-11-051-21/+23
* Make get_exec_context static, it is unused outside selinux.c.Todd C. Miller2021-11-011-1/+1
* Allocate a socketpair to communicate with sudo_intercept.so over.Todd C. Miller2021-08-091-1/+1
* Add support for loading the sudo_intercept.so DSO.Todd C. Miller2021-08-091-1/+1
* Removed depricated security_context_tRadovan Sroka2021-04-011-12/+12
* Fix some warnings from pvs-studioTodd C. Miller2020-08-121-1/+1
* Fix some warnings from pvs-studioTodd C. Miller2020-08-121-8/+8
* Quiet some clang 10 analyzer warnings.Todd C. Miller2020-08-071-0/+4
* We no longer need to include headers we don't use for sudo*.h files.Todd C. Miller2020-05-181-1/+0
* Fix sudoedit when running with SELinux RBAC mode.Todd C. Miller2020-04-211-15/+27
* debug_decl and debug_decl_vars now require a semicolon at the end.Todd C. Miller2019-12-221-6/+6
* Save/restore the raw form of the file context in case mctrans is not available.Todd C. Miller2019-12-111-14/+23
* Use dup3() instead of dup2().Todd C. Miller2019-11-021-2/+17
* Fix restoring the file context of the user's tty with SELinux.Todd C. Miller2019-09-271-5/+8
* Add some debugging around context setting and tty labelingTodd C. Miller2019-09-271-44/+52
* Add SPDX-License-Identifier to files.Todd C. Miller2019-04-291-0/+2
* Convert PVS-Studio comment to ANSI C.Todd C. Miller2018-10-261-2/+4
* Add comments in .c files so PVS-Studio will check them.Todd C. Miller2018-10-211-0/+3
* update my email to Todd.Miller@sudo.wsTodd C. Miller2017-12-031-1/+1
* After opening a tty device, fstat() and error out if it is notTodd C. Miller2017-05-301-3/+20
* Be consistent with the naming of the variable used to store theTodd C. Miller2016-09-081-3/+3
* Use O_NOCTTY when opening a tty.Todd C. Miller2016-05-161-2/+2
* Fix last commit, now that argc is not reset we need to explicitlyTodd C. Miller2016-05-131-1/+1
* cosmetic change to warning stringTodd C. Miller2016-05-121-1/+1
* Repair SELinux support, broken by 397722cdd7ec.Todd C. Miller2016-05-111-8/+6
* In relabel_tty() always jump to bad: on error, regardless of theTodd C. Miller2016-05-041-13/+7
* Use string_to_security_class() instead of pulling SECCLASS_CHR_FILETodd C. Miller2016-04-221-6/+13
* Add support for using fexecve() if supported on commands that areTodd C. Miller2016-01-041-5/+12
* Change noexec flag in selinux_execve() from int to bool.Todd C. Miller2015-12-161-1/+1
* Only include stddef.h where it is needed.Todd C. Miller2015-06-201-1/+0
* Add function name to "unable to allocate memory" warnings.Todd C. Miller2015-06-191-3/+3
* Avoid using exiting allocators in the front end.Todd C. Miller2015-06-171-5/+14
* Add target for "make splint". A few files need extra guards to avoidTodd C. Miller2015-05-211-0/+4
* Go back to a 2 args debug_decl and just use the "default" instance,Todd C. Miller2015-02-011-7/+7
* Add support for multiple Debug lines per program. Callers mayTodd C. Miller2014-10-221-6/+6
* Audit failed user role changes. RedHat bz #665131Todd C. Miller2014-07-121-4/+9
* efree -> sudo_efree for consistencyTodd C. Miller2014-07-101-2/+2
* Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.hTodd C. Miller2014-06-271-3/+3
* Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespaceTodd C. Miller2014-06-271-28/+28
* Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray().Todd C. Miller2014-04-221-2/+2
* Make noexec parameter to sudo_execve() bool.Todd C. Miller2014-01-081-1/+1
View Lorry Controller Status