| Age | Commit message (Expand) | Author |
|---|
| 2016-11-17 | namespace: clarify that /proc/apm is obsolete, but leave it blocked | Lennart Poettering |
| 2016-11-17 | namespace: reindent namespace tables | Lennart Poettering |
| 2016-11-17 | namespace: simplify, optimize and extend handling of mounts for namespace | Lennart Poettering |
| 2016-11-10 | core:namespace: count and free failed paths inside chase_all_symlinks() (#4619) | Djalal Harouni |
| 2016-11-08 | core: on DynamicUser= make sure that protecting sensitive paths is enforced (... | Djalal Harouni |
| 2016-11-07 | nspawn: slight simplification | Zbigniew Jędrzejewski-Szmek |
| 2016-11-07 | nspawn: avoid one strdup by using free_and_replace | Zbigniew Jędrzejewski-Szmek |
| 2016-11-07 | core: make RootDirectory= and ProtectKernelModules= work | Djalal Harouni |
| 2016-10-23 | tree-wide: drop NULL sentinel from strjoin | Zbigniew Jędrzejewski-Szmek |
| 2016-10-12 | core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules= | Djalal Harouni |
| 2016-09-25 | core:namespace: simplify ProtectHome= implementation | Djalal Harouni |
| 2016-09-25 | core: simplify ProtectSystem= implementation | Djalal Harouni |
| 2016-09-25 | core:sandbox: add more /proc/* entries to ProtectKernelTunables= | Djalal Harouni |
| 2016-09-25 | core:namespace: simplify mount calculation | Djalal Harouni |
| 2016-09-25 | core:namespace: put paths protected by ProtectKernelTunables= in | Djalal Harouni |
| 2016-09-25 | core:namespace: minor improvements to append_mounts() | Djalal Harouni |
| 2016-09-25 | namespace: drop all mounts outside of the new root directory | Lennart Poettering |
| 2016-09-25 | namespace: don't make the root directory of a namespace a mount if it already... | Lennart Poettering |
| 2016-09-25 | namespace: chase symlinks for mounts to set up in userspace | Lennart Poettering |
| 2016-09-25 | namespace: invoke unshare() only after checking all parameters | Lennart Poettering |
| 2016-09-25 | core: introduce ProtectSystem=strict | Lennart Poettering |
| 2016-09-25 | namespace: add some debug logging when enforcing InaccessiblePaths= | Lennart Poettering |
| 2016-09-25 | namespace: rework how ReadWritePaths= is applied | Lennart Poettering |
| 2016-09-25 | namespace: when enforcing fs namespace restrictions suppress redundant mounts | Lennart Poettering |
| 2016-09-25 | namespace: simplify mount_path_compare() a bit | Lennart Poettering |
| 2016-09-25 | namespace: make sure InaccessibleDirectories= masks all mounts further down | Lennart Poettering |
| 2016-09-25 | core: add two new service settings ProtectKernelTunables= and ProtectControlG... | Lennart Poettering |
| 2016-07-22 | Merge pull request #3764 from poettering/assorted-stuff-2 | Martin Pitt |
| 2016-07-20 | namespace: fix wrong return value from mount(2) (#3758) | Topi Miettinen |
| 2016-07-20 | namespace: add a (void) cast | Lennart Poettering |
| 2016-07-20 | namespace: minor improvements | Lennart Poettering |
| 2016-07-19 | doc,core: Read{Write,Only}Paths= and InaccessiblePaths= | Alessandro Puccetti |
| 2016-07-19 | namespace: unify limit behavior on non-directory paths | Alessandro Puccetti |
| 2016-05-15 | namespace: Make private /dev noexec and readonly (#3263) | topimiettinen |
| 2016-05-14 | namespace: unmount old /dev under our new private /dev (#3254) | topimiettinen |
| 2016-02-11 | Remove kdbus custom endpoint support | Daniel Mack |
| 2016-02-10 | tree-wide: remove Emacs lines from all files | Daniel Mack |
| 2015-10-27 | util-lib: split out allocation calls into alloc-util.[ch] | Lennart Poettering |
| 2015-10-27 | user-util: move UID/GID related macros from macro.h to user-util.h | Lennart Poettering |
| 2015-10-27 | util-lib: split out umask-related code to umask-util.h | Lennart Poettering |
| 2015-10-27 | util-lib: move string table stuff into its own string-table.[ch] | Lennart Poettering |
| 2015-10-27 | util-lib: move mount related utility calls to mount-util.[ch] | Lennart Poettering |
| 2015-10-26 | socket-util: move remaining socket-related calls from util.[ch] to socket-uti... | Lennart Poettering |
| 2015-10-25 | util-lib: split out fd-related operations into fd-util.[ch] | Lennart Poettering |
| 2015-10-24 | util-lib: split our string related calls from util.[ch] into its own file str... | Lennart Poettering |
| 2015-09-29 | tree-wide: port more code to use send_one_fd() and receive_one_fd() | Lennart Poettering |
| 2015-09-09 | tree-wide: update empty-if coccinelle script to cover empty-while and more | Lennart Poettering |
| 2015-09-09 | tree-wide: make use of log_error_errno() return value in more cases | Lennart Poettering |
| 2015-09-09 | tree-wide: make use of log_error_errno() return value | Lennart Poettering |
| 2015-06-10 | util: introduce CMSG_FOREACH() macro and make use of it everywhere | Lennart Poettering |
