The Linux Security Modules project provides a lightweight, general
purpose framework for access control. The LSM interface enables
security policies to be developed as loadable kernel modules.
See http://lsm.immunix.org for more information.
Updated 2.4.18 lsm patch released.
Full lsm-2.4 patch (LSM + all modules) is available at:
http://lsm.immunix.org/patches/2.4/2.4.18/patch-2.4.18-lsm3.gz
The whole ChangeLog for this release is at:
http://lsm.immunix.org/patches/2.4/2.4.18/ChangeLog-2.4.18-lsm3
2.4.18-lsm3
- SELinux updates (Stephen Smalley)
- build updates
- permit blocking allocate during policy load
- update enforcing mode selection
- locking fixes
- backport relevant 2.5 exec_permission_lite changes
- added comm to audit msg
- make extened socket call processing optional
- enhanced MLS support
2.4.18-lsm2
- remerge with 2.4.18, merge error (me)
- update to LIDS 2.0.1pre3 (Huagang Xie)
- many bug fixes and code cleanups
- use single source tree for 2.4/2.5
- stackable with owlsm
- SELinux updates (Stephen Smalley)
- many bug fixes and code cleanups
- security server locking updates
- Merge Selopt from James Morris
- add support for owlsm stacking
- deadlock fixes
- added socket post_accept and skb recv_datagram hooks (Chris Vance)
- fixed lsm netfilter hook placement (James Morris)
- add pivotroot and post_pivotroot hooks (Stephen Smalley)
2.4.18-lsm1
- 2.4.18-pre and 2.4.18 merges (me)
- make sure sys_setgroups16 is mediated (Antony
Edwards/me)
- fcntl_*lk* cleanups (me)
- file_ops->lock support for fcntl style locks (Antony
Edwards/me)
- multiple DTE cleanups (Serge Hallyn)
- add binprm check_security hook (Huagang Xie)
- add LIDS module to tree (Huagang Xie)
- replace binfmt_elf.c fix lost in 2.4.18 (me)
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net