2010-09-02 20:46 spender * gradm_misc.c: turn on echo 2010-09-02 20:42 spender * gradm_misc.c: add ctrl+c handler during password prompt 2010-08-26 17:02 spender * gradm_parse.c: reset link count if no deleted file or symlink found, from Ilya Novikov 2010-08-10 21:15 spender * gradm_parse.c: change quote order for aesthetics 2010-08-10 21:11 spender * gradm_parse.c: add checking for empty roles 2010-07-22 23:03 spender * gradm_adm.c: don't open before we have a writer 2010-07-22 22:56 spender * gradm_adm.c, gradm_defs.h, grlearn.c: don't rely on hardcoded fd, use named pipe 2010-07-02 20:22 spender * learn_config: update learn_config to match default policy requirements 2010-06-19 20:58 spender * gradm.l, gradm.y, gradm_adm.c, gradm_cap.c, gradm_defs.h, gradm_func.h, grlearn_config.y, policy: add capability auditing and suppression from Zbyniu Krzystolik 2010-05-04 10:03 spender * Makefile: fix syntax 2010-05-04 10:01 spender * Makefile: update udev rule 2010-05-04 09:41 spender * Makefile: add udev support 2010-04-06 17:45 spender * gradm_misc.c: fix status check on non-grsec kernels 2009-10-07 19:16 spender * gradm.l: allow more modes for domains 2009-10-06 21:14 spender * gradm.8: -R can't be used with -V 2009-10-06 20:00 spender * gradm_parse.c: fix uid based roles 2009-10-06 19:40 spender * grlearn.c: fix compile 2009-10-06 19:38 spender * Makefile: fix makefile 2009-10-06 19:37 spender * grlearn.c: fix compile warnings, force bison 2009-10-06 19:35 spender * Makefile: force bison, thanks to ubuntu 2009-10-06 18:57 spender * gradm_adm.c, gradm_analyze.c: check return values 2009-10-06 18:51 spender * gradm_adm.c, gradm_parse.c, gradm_replace.c: fix format string 2009-10-06 18:46 spender * gradm_arg.c: check getcwd error 2009-10-06 18:45 spender * gradm.h: add limits header 2009-10-02 17:35 spender * gradm_arg.c: allow policy debugging with -C 2009-10-02 16:39 spender * gradm_defs.h, gradm_parse.c: limit symlink depth, from Zbyniu Krzystolik 2009-10-02 16:34 spender * gradm.l: user/group transition debugging, from Zbyniu Krzystolik 2009-10-02 16:26 spender * gradm_parse.c: allow numerical uids/gids in policy -- modified from Zbyniu Krzystolik 2009-10-02 14:26 spender * policy: update default policy 2009-10-02 14:25 spender * gradm_analyze.c: add kallsyms to enforced protection 2009-10-02 14:10 spender * gradm_arg.c: allow verbose stats with -C 2009-10-02 14:05 spender * gradm_arg.c: fix formatting 2009-10-02 14:02 spender * Makefile, gradm.8, gradm.l, gradm.y, gradm_arg.c, gradm_func.h, gradm_parse.c, gradm_replace.c, policy: add replace rule and -C option to check policy 2009-09-23 22:06 spender * gradm_parse.c: update initial deleted file inode 2009-09-16 20:21 spender * gradm_analyze.c: don't allow a bind rule without a connect rule, and vice-versa 2009-09-16 09:27 spender * gradm_analyze.c: fix missing paren 2009-09-16 09:22 spender * gradm_analyze.c: fix special roles, they aren't required to have the G flag 2009-09-14 21:53 spender * gradm_analyze.c: don't allow role_transitions unless the role has the G flag 2009-09-13 19:15 spender * gradm.l: reject improper paths 2009-09-06 22:29 spender * gradm_analyze.c, learn_config, policy: enforce /proc/modules protection 2009-08-26 16:25 spender * gradm_analyze.c: only require enforcement if it exists 2009-08-24 23:00 spender * gradm_analyze.c, learn_config, policy: add module protection 2009-07-28 23:49 spender * gradm_analyze.c: update warning for CAP_SYS_BOOT enforcement 2009-07-06 16:52 spender * policy: update documentation on restarting sshd 2009-05-15 19:13 spender * learn_config: add /var/backups to high-protected-path in learn_config, since it can contain backups of the /etc/shadow file 2009-05-13 15:34 spender * gradm_learn_pass2.y: add resource learning 2009-04-24 20:18 spender * gradm_arg.c: move gr_enable up earlier 2009-04-24 20:09 spender * gradm_adm.c, gradm_arg.c, gradm_defs.h: warn if enabling RBAC system with non-standard gradm binary 2009-04-24 19:35 spender * gradm_res.c: fix RES_CRASH crash 2009-04-23 23:24 spender * Makefile: update copyright 2009-04-21 16:02 spender * gradm_arg.c: update copyright 2009-04-14 13:56 spender * gradm_newlearn.c: fix learning crash on NULL node subject 2009-04-10 20:33 spender * learn_config: update learn_config to protect /proc/slabinfo 2009-04-10 20:27 spender * gradm_analyze.c, policy: enforce non-readable /proc/slabinfo 2009-04-10 20:05 spender * gradm_analyze.c: enforce protection of kernel images 2009-03-28 13:11 spender * gradm_defs.h, gradm_res.c: change resource array size, add support for new resources, increment version 2009-02-23 21:50 spender * gradm.l: ignore CVS, .svn directories and and *~ files, adapted from Zbyniu Krzystolik 2009-02-23 21:35 spender * gradm.l: 64bit capability support with GRADM_DEBUG, from Zbyniu Krzystolik 2009-02-21 12:15 spender * gradm.l, gradm.y, gradm_defs.h, gradm_learn.c, gradm_newlearn.c, gradm_res.c, policy: add INADDR_ANY overriding 2009-01-25 14:08 spender * gradm_res.c: fix unlimited RES_NOFILE limit 2008-06-25 18:56 spender * policy: update documentation per zakalwe's suggestion 2008-06-25 18:52 spender * policy: update documentation per zakalwe's suggestion 2008-06-24 00:09 spender * gradm_newlearn.c: update mode for default subject 2008-06-24 00:07 spender * gradm_newlearn.c: fix mode for default subject 2008-05-18 10:40 spender * gradm_func.h: add prototypes 2008-05-18 02:59 spender * gradm_analyze.c, gradm_cap.c, gradm_defs.h, gradm_fulllearn.c, gradm_fulllearn_pass3.y, gradm_func.h, gradm_learn.c, gradm_learn_pass2.y, gradm_newlearn.c: add 64bit capability support, add new capabilities 2008-04-14 20:54 spender * gradm_cap.c, gradm_defs.h: add support for CAP_SETFCAP 2008-04-04 16:05 spender * gradm.l, gradm_fulllearn_pass1.l, gradm_fulllearn_pass2.l, gradm_fulllearn_pass3.l, gradm_learn_pass1.l, gradm_learn_pass2.l: extend username limits 2008-03-27 21:25 spender * learn_config: always reduce portage 2008-03-17 17:43 spender * gradm_analyze.c: fix error checking when not done per-role 2008-03-17 17:38 spender * gradm_analyze.c: always check for default subjects/objects 2008-03-13 21:01 spender * Makefile, gradm_parse.c: support policies on files > 2gb 2008-03-10 18:07 spender * gradm_misc.c, grlearn.c: fix open learning config 2008-03-10 17:50 spender * gradm_pw.c: don't leak fd 2008-03-10 17:45 spender * gradm_adm.c, grlearn.c: replace racy signal handling with pipe 2008-02-24 16:14 spender * gradm.l: error on invalid port numbers 2007-11-26 18:05 spender * gradm.l: show_policy fixes from Zbyniu Krzystolik 2007-08-01 16:30 spender * gradm_cap.c, gradm_defs.h: add support for new capabilities, increment version, from Zbyniu Krzystolik 2007-07-23 18:04 spender * gradm_sym.c: don't duplicate union members 2007-05-29 16:38 spender * learn_config, policy: kernel image protection 2007-02-10 09:28 spender * policy: update default policy 2007-02-10 09:13 spender * Makefile, gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_globals.c, gradm_learn.c, gradm_sha256.c: code cleanups 2007-02-09 17:44 spender * gradm.l: allow coredumps if GRADM_DEBUG is added to makefile 2007-01-12 18:50 spender * gradm_fulllearn.c: add admin role to full learning 2006-12-29 22:47 spender * gradm_defs.h, gradm_pax.c: update pax flags and gradm version 2006-10-09 10:13 spender * gradm_arg.c: fix full learning 2006-09-23 08:53 spender * gradm_analyze.c, gradm_arg.c: bug fix 2006-09-22 22:09 spender * gradm_analyze.c, gradm_arg.c: make sure learning is actually being used if enabled on any subject or role 2006-08-24 18:55 spender * policy: update policy 2006-07-14 21:26 spender * policy: update documentation 2006-03-13 18:07 spender * gradm_sym.c: fix ordering of define objects 2006-03-04 19:35 spender * gradm_analyze.c: skip admin roles in T subject flag 2006-02-14 18:46 spender * gradm_defs.h: update to 2.1.9 2006-02-07 19:42 spender * gradm_parse.c: add to ptr listing 2006-02-06 18:27 spender * gradm.l: fix interface bug 2006-02-05 17:51 spender * gradm_adm.c: fix symlink issue on gradm_pam 2006-01-21 23:40 spender * gradm_parse.c: fix error on noauth+G 2006-01-21 23:26 spender * policy: fix typo 2006-01-08 12:45 spender * gradm_analyze.c: add additional analysis 2006-01-06 19:16 spender * gradm_lib.c: fix false dupe for good 2006-01-01 20:44 spender * gradm.l: add limit on virtual interfaces 2006-01-01 20:37 spender * gradm.l, gradm.y, gradm_net.c, policy: update interface support, add virtual interface support 2005-12-22 11:36 spender * gradm_defs.h: update version 2005-12-22 09:06 spender * gradm.l: better handling of invalid characters, report instead of ignoring 2005-12-22 08:44 spender * gradm_parse.c: compile fix 2005-12-22 08:42 spender * gradm_parse.c: error on invalid role mode 2005-12-17 19:56 spender * policy: update documentation 2005-12-17 19:24 spender * Makefile, gradm.l, gradm.y, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_newlearn.c, gradm_parse.c, gradm_pax.c, policy: add new pax flags implementation 2005-12-06 21:14 spender * gradm_analyze.c: inform the user if they have a special role that is inaccessible from any role, due to lacking role transitions 2005-12-06 19:18 spender * gradm.y: fix lib64 symlinking problem, better error reporting for internal full learning policy, byacc bugfix 2005-12-06 19:15 spender * gradm_adm.c, gradm_parse.c: fix lib64 symlinking problem 2005-11-14 21:04 spender * gradm.l, gradm.y, gradm_defs.h, gradm_net.c: add userspace component of interface support 2005-10-31 22:45 spender * gradm_pw.c: have gradm use /dev/urandom instead of /dev/random for salt generation, since the salt is large and essentially secret 2005-09-18 20:51 spender * gradm_adm.c: fix x incompatibility 2005-09-10 16:46 spender * gradm_sha256.c: fix gcc4 warnings 2005-09-10 16:41 spender * gradm_parse.c: add reporting of duplicate names, and verbosity for duplicates due to symlinking/hardlinking 2005-09-10 16:34 spender * gradm_lib.c: fix /sys duplicate error 2005-09-10 16:10 spender * gradm_res.c: fix cpu time limits 2005-08-20 16:50 spender * gradm_defs.h: update version 2005-08-20 16:19 spender * Makefile: change device number 2005-08-04 19:49 spender * gradm_adm.c, gradm_arg.c, gradm_func.h, gradm_learn_pass1.l, gradm_learn_pass2.l, gradm_lib.c, gradm_misc.c, gradm_parse.c, gradm_pw.c: fix gcc4 warnings 2005-08-04 19:30 spender * gradm_fulllearn_pass1.l, gradm_fulllearn_pass2.l, gradm_fulllearn_pass3.l: fix regex conflict 2005-08-04 19:20 spender * gradm.l, gradm_fulllearn_pass1.l, gradm_fulllearn_pass2.l, gradm_fulllearn_pass3.l, gradm_learn_pass1.l, gradm_learn_pass2.l: update role lex 2005-07-18 19:51 spender * gradm_res.c: import fix from julien tinnes 2005-07-02 08:29 spender * learn_config: make /tmp,/var/tmp always reduce 2005-06-13 12:45 spender * grlearn.c, gradm_adm.c: fix pausing 2005-06-13 12:21 spender * gradm_adm.c, policy: add a flag to subjects 2005-06-13 09:59 spender * gradm_fulllearn.c: fix 2005-06-12 19:42 spender * gradm_newlearn.c: remove unused variables 2005-06-12 19:39 spender * gradm_newlearn.c: fix null pointer deref 2005-06-12 14:57 spender * learn_config: update learn_config 2005-06-12 14:43 spender * gradm_newlearn.c: fixes 2005-06-12 14:34 spender * gradm_newlearn.c: compile fix 2005-06-12 14:32 spender * gradm_defs.h, gradm_newlearn.c: fix improper role reduction 2005-06-10 13:02 spender * gradm.y: fix ip mode 2005-06-10 12:49 spender * gradm_adm.c, grlearn.c: add signal handler 2005-06-10 07:17 spender * grlearn2_config.y: compile fix 2005-06-09 08:08 spender * grlearn2_config.y: fix compile with bison 2005-06-09 08:02 spender * gradm_adm.c, gradm_parse.c, grlearn.c, grlearn2_config.y: add fixes from peter s mazinger 2005-06-08 09:44 spender * gradm_defs.h: update version 2005-05-17 22:17 spender * gradm_defs.h: remove deleted_objects 2005-05-17 22:04 spender * gradm_defs.h: remove mode flag, add counter 2005-05-17 21:58 spender * gradm_defs.h: add hasdeleted subject flag 2005-05-15 16:04 spender * gradm_newlearn.c: revert last change 2005-05-15 15:49 spender * gradm_adm.c, gradm_newlearn.c, grlearn.c: update enforce check 2005-05-14 15:17 spender * grlearn2_config.y: have grlearn interpret always-reduce-path 2005-05-14 15:10 spender * Makefile, gradm_pam.c, grlearn.c, grlearn_config.l: have grlearn interpret always-reduce-path 2005-05-12 15:09 spender * policy: update default sshd policy 2005-05-10 17:51 spender * gradm_parse.c: fix role dupe checking 2005-05-05 12:58 spender * gradm_pam.c: code cleanup 2005-05-05 12:53 spender * gradm_pam.c: free possibly allocated passwords 2005-05-05 12:49 spender * gradm_pam.c: code cleanups 2005-05-04 22:15 spender * Makefile: update makefile 2005-05-04 22:05 spender * Makefile: make gradm_pam suid root 2005-05-04 21:25 spender * gradm_adm.c: move rule 2005-05-04 21:24 spender * gradm_adm.c: remove dupe 2005-05-04 21:23 spender * gradm_adm.c: update gradm_pam rules 2005-05-04 21:17 spender * gradm_adm.c: update gradm_pam rules 2005-05-04 21:17 spender * gradm_adm.c: add rules for gradm_pam 2005-05-04 21:14 spender * gradm_pam.c: set arg 2005-05-04 21:13 spender * gradm_arg.c, gradm_defs.h: add new entry mode 2005-05-04 21:10 spender * gradm_adm.c: add gradm_pam to gradm accesses 2005-05-04 20:32 spender * gradm_arg.c, gradm_parse.c: update 2005-05-04 20:28 spender * Makefile, README, gradm.8, gradm.l, gradm_adm.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_misc.c, gradm_pam.c, gradm_parse.c, policy: add pam authentication support, new subject flag 2005-05-04 13:50 spender * gradm_analyze.c: add check for /dev/grsec 2005-05-04 12:44 spender * gradm.h: reverse macros 2005-05-04 11:46 spender * Makefile, gradm.h, gradm.l, gradm_arg.c, gradm_defs.h, gradm_misc.c, gradm_parse.c: allow gradm to work on both 2.4/2.6 kernels with the same binary 2005-05-03 20:03 spender * policy: update documentation 2005-05-03 19:43 spender * gradm.l, gradm.y, gradm_defs.h: add inverted socket policies 2005-04-21 16:03 spender * gradm.l: fix crash on include 2005-04-21 14:11 spender * gradm_res.c: remove unused variable 2005-04-21 13:58 spender * learn_config: add redhat init.d support 2005-04-21 13:56 spender * learn_config: add init.d to inherit-learn 2005-04-21 12:12 spender * learn_config: add more always-reduce-path entries 2005-04-21 12:09 spender * learn_config: add high-protected-path entries 2005-04-21 12:07 spender * gradm_analyze.c, learn_config: protect /sys 2005-04-21 12:03 spender * learn_config: add inherit-learn entry 2005-04-21 12:00 spender * gradm_parse.c: code cleanup 2005-04-21 09:28 spender * gradm_lib.c: set key 2005-04-21 09:22 spender * gradm_lib.c: use key, not index 2005-04-21 09:14 spender * gradm_defs.h, gradm_lib.c: add key to hash entry to avoid string comparisons if possible 2005-04-20 22:19 spender * learn_config: add always-reduce-path entries 2005-04-20 21:50 spender * gradm.l: remove debugging 2005-04-20 21:49 spender * gradm.l, gradm_defs.h, gradm_parse.c: fix include code 2005-04-18 22:14 spender * gradm.8, gradm_arg.c, gradm_fulllearn.c, gradm_func.h, gradm_learn.c: allow stdin as a learning log file 2005-04-08 11:15 spender * gradm.l, gradm_defs.h, gradm_newlearn.c: compile fix 2005-04-08 11:04 spender * gradm.h, gradm_res.c: update resource name outputs 2005-04-06 20:38 spender * gradm_fulllearn_pass2.l, gradm_fulllearn_pass3.l, gradm_learn_pass1.l, gradm_learn_pass2.l: no need to strip (deleted) 2005-04-06 09:33 spender * learn_config: update learn_config 2005-04-04 18:19 spender * gradm_parse.c: fix /dev/pts warning 2005-04-04 18:13 spender * grlearn_config.l, learn_config: update documentation, update directive names 2005-04-04 18:10 spender * learn_config: update documentation 2005-04-04 17:42 spender * gradm_defs.h: update version 2005-04-04 17:28 spender * grlearn_config.y: add always-reduce 2005-04-03 19:05 spender * gradm_parse.c: error on /dev/pts/* objects 2005-04-03 18:59 spender * gradm_defs.h, gradm_misc.c, gradm_newlearn.c, grlearn_config.l, grlearn_config.y: add always-reduce directive 2005-04-03 17:22 spender * gradm_res.c: fix resource names on archs that define their own rlimit order 2005-03-29 07:52 spender * gradm_fulllearn.c, gradm_newlearn.c: fix full learn crashing 2005-03-22 10:15 spender * gradm_newlearn.c: fix override 2005-03-22 10:09 spender * gradm_fulllearn.c, gradm_fulllearn_pass2.y, gradm_learn_pass1.y: fix override mode for learning 2005-03-21 18:45 spender * gradm_defs.h: update version 2005-03-20 09:45 spender * gradm_net.c: fix ip add 2005-03-20 07:56 spender * grlearn.c: rewrite /dev/pts entries 2005-03-07 09:15 spender * Makefile: don't go interactive if compiling for distro 2005-03-06 22:47 spender * gradm_parse.c: fix /SYSV000000 accesses 2005-03-06 22:34 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c, policy: add t subject flag 2005-03-06 22:00 spender * gradm_parse.c: remove comment 2005-03-06 21:59 spender * gradm_defs.h, gradm_human.c, gradm_parse.c: add GR_PROCFIND flag, update version 2005-03-03 19:24 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: remove randexec support 2005-02-24 10:39 spender * gradm.l: update lexer 2005-02-24 10:33 spender * gradm.l, gradm.y, gradm_func.h, gradm_net.c: add hostname support 2005-02-21 17:17 spender * Makefile: fix install 2005-02-18 15:33 spender * gradm_defs.h: update version 2005-02-16 20:41 spender * gradm_newlearn.c: cachednode -> cachedlen 2005-01-30 13:44 spender * Makefile: update copyright 2005-01-24 23:02 spender * Makefile, gradm.h, gradm.l: update makefile, from Peter S. Mazinger 2005-01-22 23:13 spender * gradm.l: fix including crash 2005-01-22 21:31 spender * gradm_learn.c, gradm_learn_pass1.y: fix learning crash 2005-01-22 21:25 spender * gradm_fulllearn_pass1.y, gradm_learn_pass1.y: fix crash with certain learning logs 2005-01-22 13:04 spender * Makefile: update makefile to build 64bit x86-64 binaries 2005-01-21 10:23 spender * gradm_adm.c: update kernel role 2005-01-17 20:14 spender * policy: update policy 2005-01-17 15:41 spender * learn_config: update documentation 2005-01-15 13:22 spender * learn_config: update high reduce paths 2005-01-15 13:09 spender * gradm_newlearn.c: update weights 2005-01-15 12:51 spender * gradm_newlearn.c: update weight 2005-01-15 12:29 spender * gradm_newlearn.c: compile fix 2005-01-15 12:27 spender * gradm_newlearn.c: remove debugging 2005-01-15 12:26 spender * gradm_newlearn.c: update reduction 2005-01-15 12:14 spender * gradm_newlearn.c: update mode reduction 2005-01-15 11:53 spender * gradm_newlearn.c: update weights 2005-01-15 11:36 spender * gradm_newlearn.c: update mode reduction 2005-01-15 11:30 spender * learn_config: don't reduce /home 2005-01-15 11:26 spender * learn_config: update high reduction paths 2005-01-15 11:15 spender * grlearn.c: /tmp rewriting 2005-01-14 13:21 spender * Makefile: fix makefile 2005-01-14 12:20 spender * gradm_misc.c: update message 2005-01-14 12:18 spender * gradm_misc.c: update sniffing message 2005-01-14 10:01 spender * Makefile: makefile update 2005-01-13 17:36 spender * learn_config: update documentation 2005-01-12 22:16 spender * gradm.l: fix $HOME 2005-01-12 22:06 spender * gradm_parse.c: can't use /home/spender for domains 2005-01-12 22:00 spender * gradm_parse.c: update info 2005-01-12 21:53 spender * gradm_parse.c: fix warning 2005-01-12 21:52 spender * gradm_parse.c: domain dupe checking 2005-01-12 21:46 spender * gradm.l: add multiple line support for domains 2005-01-12 20:00 spender * gradm_analyze.c: fix typo 2005-01-12 19:59 spender * gradm_analyze.c: fix typos 2005-01-12 19:58 spender * gradm_analyze.c: ignore kernel role 2005-01-12 19:56 spender * gradm_analyze.c: add more information 2005-01-12 19:51 spender * gradm.y: fix symbol usage 2005-01-12 19:32 spender * gradm.l: include updates 2005-01-12 17:38 spender * gradm_arg.c: start grlearn later 2005-01-12 13:13 spender * grlearn.c: update learn buffer size 2005-01-12 12:36 spender * gradm.l: fix /home/spender 2005-01-11 20:49 spender * gradm_defs.h: fix deleted flag 2005-01-11 15:07 spender * gradm_misc.c: update error 2005-01-11 14:31 spender * gradm_parse.c: pass right version 2005-01-11 14:13 spender * gradm_misc.c: better error message when handling 2.4/2.6 gradm 2005-01-11 01:42 spender * gradm_adm.c, policy: update policy 2005-01-09 00:49 spender * gradm_defs.h: update version 2005-01-08 21:31 spender * gradm_arg.c, gradm_defs.h, gradm_misc.c: add automatic tty sniffing detection 2005-01-08 12:10 spender * gradm_adm.c: add admin to role transitions 2005-01-08 12:01 spender * gradm_adm.c: fix typos 2005-01-08 11:59 spender * gradm_adm.c: add do-anything admin role for full learning 2005-01-08 11:45 spender * gradm_adm.c, gradm_arg.c, gradm_func.h, gradm_misc.c, grlearn_config.y: parse learning config both when enabling full learning and when parsing learning logs 2005-01-08 11:16 spender * gradm_newlearn.c: check for null 2005-01-08 11:03 spender * gradm_defs.h, gradm_func.h, gradm_lib.c, gradm_misc.c, gradm_newlearn.c, grlearn_config.l, grlearn_config.y, learn_config: make learning heuristics much more configurable 2005-01-08 10:42 spender * gradm_misc.c: fix unsprole error msg 2005-01-07 19:28 spender * grlearn_config.y: fix old bison compile 2005-01-03 09:26 spender * gradm_defs.h: fix typo 2005-01-03 09:24 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c, policy: add GR_LINK, GR_AUDIT_LINK 2005-01-02 17:54 spender * gradm_defs.h: kick version up to 2.1.0, many important changes 2005-01-02 12:14 spender * policy: update policy 2004-12-31 16:50 spender * gradm_net.c: gr_dyn_alloc for initial allocation 2004-12-29 12:48 spender * gradm_analyze.c: resolve relative paths in PATH envvar 2004-12-27 09:34 spender * gradm_func.h: add declaration 2004-12-27 09:07 spender * gradm.l, gradm_adm.c, gradm_arg.c, gradm_fulllearn_pass2.l, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.l, gradm_fulllearn_pass3.y, gradm_learn_pass1.l, gradm_learn_pass1.y, gradm_learn_pass2.l, gradm_learn_pass2.y, gradm_lib.c, gradm_newlearn.c, gradm_opt.c, gradm_parse.c, grlearn_config.l: fix double frees, exit on strdup failure 2004-12-27 08:55 spender * gradm_lib.c: calloc memory if NULL passed to gr_dyn_realloc 2004-12-23 08:35 spender * gradm_newlearn.c: fix crash, from barry schwartz 2004-12-21 20:14 spender * gradm_arg.c: don't include kernel role 2004-12-21 20:09 spender * gradm_arg.c: shorten line 2004-12-21 20:08 spender * gradm_arg.c: extend line 2004-12-21 20:06 spender * gradm_arg.c: change stats 2004-12-21 20:01 spender * gradm_arg.c: better formatting 2004-12-21 19:59 spender * gradm_arg.c: remove newline 2004-12-21 19:57 spender * gradm_arg.c: non-admin 2004-12-21 19:54 spender * gradm_arg.c, gradm_analyze.c: fix typo 2004-12-21 19:54 spender * gradm.8, gradm_analyze.c, gradm_arg.c, policy: add policy statistics 2004-12-21 15:37 spender * grlearn.c: move pid writer 2004-12-21 14:23 spender * grlearn.c: update kill, print to stdout 2004-12-21 14:17 spender * gradm_adm.c: remove debugging 2004-12-20 21:54 spender * policy: update documentation 2004-12-19 18:10 spender * gradm_adm.c, gradm_fulllearn_pass1.l, gradm_fulllearn_pass2.l, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.l, gradm_learn.c, gradm_learn_pass1.l, gradm_learn_pass1.y, gradm_learn_pass2.l, gradm_learn_pass2.y, gradm_opt.c, gradm_parse.c: rewrite pipe/socket entries to /proc, free them appropriately, free strings on non-full-learning, add id transition support to non-full-learning 2004-12-19 12:55 spender * grlearn.c: remove unused var 2004-12-19 12:54 spender * grlearn.c: add signal handler to flush buffer when grlearn is stopped 2004-12-19 12:39 spender * grlearn.c: speed up caching, reduce context switches by buffering writes 2004-12-18 13:49 spender * gradm_adm.c: fix sock type 2004-12-18 13:48 spender * gradm.l: add more debugging 2004-12-18 09:51 spender * gradm_adm.c: allow gradm to be installed on an nfs mounted root 2004-12-17 14:38 spender * grlearn.c: fix -Wall warning 2004-12-17 13:39 spender * gradm_newlearn.c: tweak reduction weights 2004-12-17 12:57 spender * gradm_fulllearn.c: fix compile error 2004-12-17 12:56 spender * gradm_fulllearn.c: fix typo 2004-12-17 12:55 spender * gradm_fulllearn.c, gradm_newlearn.c: only add id transitions when CAP_SETUID/CAP_SETGID is present 2004-12-17 12:19 spender * gradm_fulllearn.c: fix free 2004-12-17 12:15 spender * gradm_newlearn.c: fix id insert 2004-12-17 12:11 spender * gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.y: don't make id changes cause a subject creation, CAP_SET*ID will already create them 2004-12-17 12:03 spender * gradm_fulllearn.c: free subject ids, clean up reduction 2004-12-17 11:51 spender * gradm_newlearn.c: fix display 2004-12-17 10:45 spender * gradm_fulllearn.c: check if list != null 2004-12-17 10:40 spender * Makefile, gradm_arg.c: update license 2004-12-17 09:49 spender * gradm_newlearn.c: fix typo 2004-12-17 09:48 spender * gradm_newlearn.c: add displaying of id transitions 2004-12-17 09:39 spender * gradm_fulllearn.c: add id transition reduction 2004-12-17 09:30 spender * gradm_defs.h, gradm_fulllearn_pass2.l, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.y, gradm_func.h, gradm_newlearn.c: add id transition learning function 2004-12-17 09:02 spender * gradm_defs.h, gradm_fulllearn_pass3.y, gradm_func.h, gradm_newlearn.c: add insert_learn_id_transition prototype 2004-12-17 08:43 spender * gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.l, gradm_fulllearn_pass3.y: free filename, not $9 2004-12-17 08:36 spender * gradm_fulllearn_pass1.l, gradm_fulllearn_pass1.y, gradm_fulllearn_pass2.l, gradm_fulllearn_pass2.y: more lex/yacc for user/group transitions 2004-12-17 01:37 spender * gradm_fulllearn_pass1.l, gradm_fulllearn_pass1.y, gradm_fulllearn_pass2.l: first bit of userspace parsing of new id change learning 2004-12-15 18:16 spender * gradm_newlearn.c: add /var and /opt to irreducible dirs 2004-12-15 18:08 spender * gradm_adm.c: fix learn config 2004-12-15 18:01 spender * gradm_parse.c, grlearn_config.l: fix learn config 2004-12-15 17:48 spender * learn_config: fix cron names 2004-12-15 16:21 spender * gradm.h, gradm.y, gradm_analyze.c, gradm_cap.c, gradm_defs.h, gradm_fulllearn.c, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.y, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_learn_pass1.y, gradm_learn_pass2.y, gradm_misc.c, gradm_nest.c, gradm_net.c, gradm_newlearn.c, gradm_parse.c, gradm_sha256.c, gradm_sym.c: fix up types, no longer include any kernel headers 2004-12-15 15:52 spender * Makefile: clean up makefile 2004-12-15 08:24 spender * gradm_defs.h: update version 2004-12-13 17:25 spender * grlearn.c: remove comment 2004-12-13 17:24 spender * gradm_newlearn.c: full learning update 2004-12-13 17:23 spender * gradm_newlearn.c, grlearn.c: full learning updates 2004-12-13 16:04 spender * gradm_arg.c, policy: acl -> policy 2004-12-13 15:08 spender * gradm_adm.c: fix typo 2004-12-13 15:07 spender * gradm.y, gradm_adm.c, gradm_nest.c, gradm_opt.c, gradm_parse.c, gradm_sym.c: cleanup return value 2004-12-13 14:46 spender * gradm_newlearn.c: update reduction policy 2004-12-13 13:56 spender * learn_config: add documentation 2004-12-13 13:40 spender * gradm_adm.c, gradm_fulllearn_pass2.l, grlearn_config.l, grlearn_config.y: integrate learning config 2004-12-12 23:02 spender * gradm_defs.h: add define 2004-12-12 22:58 spender * Makefile, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.l, gradm_fulllearn_pass3.y, gradm_learn_pass1.l, gradm_learn_pass2.l, grlearn.l, grlearn.y, grlearn_config.l, grlearn_config.y, learn_config: learning config updates 2004-12-12 09:35 spender * grlearn.l, grlearn.y: add basic learn config parser 2004-12-12 09:05 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add inheritance-based learning 2004-12-10 17:15 spender * gradm_fulllearn_pass2.l, gradm_fulllearn_pass3.l, gradm_learn_pass1.l, gradm_learn_pass2.l: strip off deleted 2004-12-07 13:47 spender * gradm_defs.h, gradm_res.c: update define 2004-12-07 13:28 spender * gradm_defs.h: fix glibc 2.3.3 problem 2004-12-06 12:42 spender * gradm.l, gradm.y: more cleanup 2004-12-06 12:39 spender * gradm.l: more cleanup 2004-12-06 12:35 spender * gradm.y, gradm.l: more cleanup 2004-12-06 12:31 spender * gradm.y: clean up allocations 2004-12-06 12:28 spender * gradm.l, gradm.y: fewer allocations 2004-12-06 10:44 spender * Makefile: simplify kern version 2004-11-24 09:04 spender * gradm_arg.c: update copyright date 2004-11-23 10:32 spender * gradm_fulllearn_pass1.y: fix bison error 2004-11-23 07:05 spender * gradm_learn_pass1.y: compile fix 2004-11-19 18:39 spender * gradm_fulllearn.c: free ->users 2004-11-19 18:31 spender * gradm.l, gradm_arg.c, gradm_defs.h, gradm_fulllearn.c, gradm_fulllearn_pass1.l, gradm_fulllearn_pass1.y, gradm_fulllearn_pass2.l, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.l, gradm_fulllearn_pass3.y, gradm_func.h, gradm_learn_pass1.l, gradm_learn_pass1.y, gradm_learn_pass2.l, gradm_learn_pass2.y, gradm_lib.c, gradm_newlearn.c, gradm_parse.c: dramatically improve memory footprint and running time of full learning analysis 2004-11-17 20:11 spender * gradm_arg.c: don't require /dev/grsec for full learning analysis 2004-11-17 09:27 spender * gradm_defs.h: fix define 2004-11-05 08:16 spender * gradm_adm.c: don't bother restricting kernel threads, they have all capabilities enabled 2004-10-28 20:03 spender * gradm_func.h, gradm_lib.c: fixes from barry schwartz 2004-10-14 12:01 spender * gradm_adm.c: add to kernel role 2004-09-23 10:17 spender * gradm_res.c: add missing parenthesis 2004-09-21 08:40 spender * gradm_adm.c, grlearn.c: remove hardcoding of /etc/grsec 2004-09-21 08:34 spender * gradm_learn.c: fix typo 2004-09-20 21:44 spender * gradm_learn.c: fix index, thanks to barry schwartz 2004-09-20 09:17 spender * gradm_res.c: allow RES_NOFILE ulimited 2004-09-16 15:38 spender * gradm_adm.c: allow rw to /proc/bus/usb by kernel modules 2004-09-07 09:26 spender * gradm_defs.h: update mode numbers 2004-08-10 14:02 spender * Makefile: fix error, thanks to vinceh 2004-08-04 19:59 spender * gradm_parse.c: match most specific globbed rule first 2004-07-28 17:54 spender * gradm.l: fix null dereference 2004-07-22 21:57 spender * gradm.l: bugfix 2004-07-22 21:08 spender * gradm.l: fix typo 2004-07-22 20:57 spender * gradm.l: zero 2004-07-22 20:56 spender * gradm.l: null out name 2004-07-22 20:47 spender * gradm.l: remove comment 2004-07-22 20:42 spender * gradm.l: bugfix 2004-07-22 20:36 spender * gradm.l: Fix directory including 2004-07-09 14:43 spender * Makefile: automatically detect if being compiled on sparc64 and modify compiler flags accordingly 2004-07-09 14:36 spender * Makefile: remove whitespace 2004-07-09 14:21 spender * Makefile: automatic conversion to /etc/grsec/policy 2004-07-09 11:27 spender * gradm.l: fix directory including 2004-07-09 09:34 spender * policy: add more documentation to policy 2004-07-09 08:58 spender * policy: update policy 2004-07-09 08:23 spender * policy: update policy 2004-07-09 08:18 spender * policy: update policy 2004-07-08 09:58 spender * gradm.l: add back including of directories 2004-07-06 20:55 spender * gradm_adm.c: add /etc/ld.so.preload r 2004-07-06 17:54 spender * gradm_adm.c: add /dev/null rw 2004-07-06 09:45 spender * gradm_adm.c: allow /dev/tty rw 2004-07-06 09:20 spender * gradm.l: allow domain learning 2004-07-05 15:02 spender * policy: add domain info 2004-07-05 14:47 spender * Makefile, acl, gradm.8, gradm.l, gradm.y, gradm_analyze.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_learn.c, gradm_misc.c, gradm_nest.c, gradm_net.c, gradm_opt.c, gradm_parse.c, policy: add domain support, naming convention changes, bugfixes 2004-07-05 11:31 spender * gradm_parse.c: fix allocation 2004-07-05 11:30 spender * gradm.y, gradm_defs.h, gradm_parse.c: revert last change 2004-07-05 11:26 spender * gradm.y, gradm_defs.h, gradm_parse.c: fix allocation 2004-06-30 12:51 spender * Makefile: update minor number 2004-06-30 12:48 spender * Makefile: change minor number 2004-06-29 12:19 spender * gradm_parse.c: allow new regex matching 2004-06-25 13:04 spender * gradm_defs.h: update version 2004-06-23 17:19 spender * gradm_arg.c, gradm_misc.c: return nonzero exit code on failure 2004-06-23 16:55 spender * gradm.h, gradm_adm.c: use glibc elf headers 2004-06-17 22:50 spender * gradm_learn.c: remove debugging 2004-06-17 22:50 spender * gradm_learn.c, gradm_newlearn.c: fix learning analysis crash 2004-06-17 21:51 spender * Makefile, gradm.l: remove debugging 2004-06-17 21:50 spender * Makefile, gradm.l, gradm_func.h, gradm_lib.c, gradm_parse.c: fix crash with nested subjects 2004-06-16 06:02 spender * gradm_parse.c: don't insert nested subjects into main hash 2004-06-14 03:09 spender * gradm_learn.c: fix crash 2004-06-13 00:12 spender * gradm_misc.c: compile fix 2004-06-12 05:04 spender * gradm_arg.c, gradm_func.h, gradm_misc.c: pass only a pointer to the kernel during interaction 2004-06-12 04:31 spender * gradm_arg.c: don\'t require password for role deauthentication 2004-06-12 04:21 spender * Makefile: fix segfault in lex/yacc due to buggy gcc 2004-05-31 11:03 spender * gradm_analyze.c: add check for default role 2004-05-08 15:26 spender * gradm_opt.c: reduce complexity of finding subject to inherit from 2004-04-06 15:09 spender * gradm_newlearn.c: add mode 2004-04-06 15:05 spender * gradm_newlearn.c: much better reduction of directories with multiple modes 2004-04-05 23:10 spender * gradm_defs.h, grlearn.c: comment out object rewriting until it can be handled properly in the reduction code 2004-04-05 22:08 spender * gradm_newlearn.c: revert last change 2004-04-05 22:03 spender * gradm_newlearn.c: don't reduce /proc/*/blah to /proc/* 2004-04-05 20:12 spender * grlearn.c: return the orig string 2004-04-05 20:06 spender * grlearn.c: fix crash 2004-04-05 20:01 spender * grlearn.c: fix typo 2004-04-05 19:59 spender * grlearn.c: optimizations and pre-disk /proc/ rewriting 2004-04-04 00:19 spender * Makefile, gradm.h: fix 2.4/2.6 support 2004-04-03 12:18 spender * gradm_parse.c: move function, fix typo 2004-04-03 12:17 spender * gradm.h: fix typo 2004-04-03 12:13 spender * gradm.h: compile fix 2004-04-03 12:11 spender * gradm.h, gradm_defs.h: revert last change 2004-04-03 12:11 spender * gradm_defs.h: include header 2004-04-03 11:22 spender * gradm.h, gradm_arg.c, gradm_defs.h, gradm_human.c: support both 2.4 and 2.6 2004-04-03 11:03 spender * gradm_adm.c: remove t 2004-04-03 11:03 spender * acl, gradm.l, gradm_defs.h, gradm_parse.c: make the no ptrace flag an object mode 2004-04-03 10:48 spender * gradm.l, gradm_parse.c: add /home/spender support to user roles 2004-03-30 20:20 spender * gradm_cap.c, gradm_func.h, gradm_opt.c, gradm_parse.c: warning fixes from peter s mazinger 2004-03-24 20:26 spender * gradm_parse.c: update last change 2004-03-24 20:21 spender * gradm_arg.c: don't read in pwfile on unauth 2004-03-24 20:20 spender * gradm_parse.c: fix unauth problem 2004-03-12 06:16 spender * gradm_adm.c: add /dev/urandom access for propoliced systems 2004-03-09 21:54 spender * gradm_defs.h: better structure packing 2004-03-09 20:45 spender * gradm_misc.c: ACL -> RBAC 2004-03-07 21:45 spender * acl: update docs 2004-03-07 19:30 spender * gradm_parse.c: compile fixes 2004-03-07 19:22 spender * gradm.l, gradm.y, gradm_defs.h, gradm_lib.c, gradm_parse.c: implement user and group transition checking and enforcement 2004-03-04 00:27 spender * gradm_fulllearn.c: update progress 2004-03-04 00:20 spender * gradm_fulllearn.c: flush buffers 2004-03-04 00:18 spender * gradm_fulllearn.c: update progress 2004-03-04 00:13 spender * gradm_fulllearn.c: add more progress 2004-03-04 00:09 spender * gradm_fulllearn.c: fix typo 2004-03-04 00:09 spender * gradm_fulllearn.c: add progress 2004-03-03 23:27 spender * gradm_lib.c: fix hash 2004-03-03 23:21 spender * gradm_lib.c: fix null 2004-03-03 23:17 spender * gradm_fulllearn_pass2.y, gradm_learn.c: fix typos 2004-03-03 23:15 spender * gradm_lib.c: compile fix 2004-03-03 23:14 spender * gradm_lib.c: compile fixes 2004-03-03 23:10 spender * gradm_func.h, gradm_learn.c, gradm_newlearn.c, gradm_fulllearn.c, gradm_lib.c: compile fixes 2004-03-03 23:05 spender * gradm_defs.h, gradm_fulllearn.c, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.y, gradm_func.h, gradm_learn.c, gradm_learn_pass1.y, gradm_learn_pass2.y, gradm_lib.c, gradm_newlearn.c: first attempt at learning optimizations 2004-03-03 20:59 spender * gradm_newlearn.c: update frees 2004-03-03 14:18 spender * gradm_newlearn.c: remove frees 2004-03-03 14:15 spender * gradm_lib.c: mimic realloc behavior 2004-03-03 13:48 spender * grlearn.c: fix parsing 2004-03-03 13:44 spender * gradm_adm.c: update gradm acl 2004-03-03 13:41 spender * Makefile, gradm.l, gradm_defs.h: more flexible include 2004-03-02 15:57 spender * acl: update docs 2004-03-02 15:42 spender * gradm.l, gradm_analyze.c, gradm_cap.c, gradm_defs.h, gradm_opt.c: implement new capability inheritance system 2004-03-02 14:13 spender * grlearn.c: use new learning log system that can store more logs 2004-02-29 10:55 spender * gradm_lib.c: force subjects to have hash table 2004-02-29 10:49 spender * gradm_lib.c: copy over linked list 2004-02-29 10:36 spender * gradm_lib.c: fix typo 2004-02-29 10:31 spender * gradm_lib.c: fix function calls 2004-02-29 10:23 spender * gradm_lib.c: fix lookups 2004-02-29 10:05 spender * gradm.h, gradm.l, gradm_analyze.c, gradm_defs.h, gradm_func.h, gradm_learn.c, gradm_lib.c, gradm_nest.c, gradm_newlearn.c, gradm_parse.c: convert userspace lookup functions to O(1) 2004-02-24 22:11 spender * Makefile, gradm_lib.c, gradm_newlearn.c: use new anticipatory memory allocator and resizer 2004-02-22 10:12 spender * acl, gradm.l, gradm_adm.c, gradm_human.c, gradm_parse.c: implement userspace code for two new subject flags 2004-02-21 13:54 spender * gradm_analyze.c: compile fix 2004-02-21 13:38 spender * gradm.h, gradm_analyze.c, gradm_defs.h, gradm_parse.c: kernel interpretation of globbing 2004-02-18 20:34 spender * gradm_defs.h: version update 2004-02-18 09:37 spender * gradm.h, gradm_adm.c, gradm_analyze.c, gradm_defs.h, gradm_fulllearn.c, gradm_misc.c, gradm_nest.c, gradm_newlearn.c, gradm_opt.c, gradm_res.c, grlearn.c: merge kernel inheritance code 2004-01-29 21:46 spender * gradm_lib.c: update factor 2004-01-29 21:42 spender * gradm_lib.c: add anticipatory allocator and resizer, allocator is 70 percent faster than malloc, resizer is 700 percent faster than realloc 2003-12-15 09:01 spender * gradm_arg.c: revert change 2003-12-15 08:53 spender * gradm.h: add header 2003-12-15 08:51 spender * gradm_arg.c: set exclusive bit on terminal 2003-12-14 21:58 spender * gradm_nest.c: only set the nested pointer on executable objects 2003-12-13 19:22 spender * gradm_nest.c: allow nested subjects on directories 2003-12-13 18:48 spender * gradm_analyze.c: cleanups 2003-12-01 21:30 spender * gradm_adm.c: allow 64-bit libraries 2003-11-30 16:20 spender * gradm_analyze.c: update analysis/enforcement 2003-11-30 16:13 spender * acl: update acl 2003-11-18 12:55 spender * gradm.h: update header 2003-11-18 12:52 spender * gradm_defs.h: update version 2003-11-18 12:51 spender * Makefile, gradm_adm.c: can't be static any longer, due to LDAP and such 2003-11-17 20:06 spender * gradm_defs.h: update defines 2003-11-02 21:09 spender * gradm.l: update lexer 2003-08-20 07:33 spender * gradm.8, gradm_arg.c, gradm_defs.h, gradm_misc.c: add un-admin mode 2003-08-14 14:15 spender * acl: update default acl 2003-08-12 12:58 spender * gradm_arg.c: actually fix it 2003-08-12 12:51 spender * gradm_arg.c: fix stupid typos 2003-08-12 12:39 spender * gradm_arg.c: fix 2003-08-12 12:26 spender * gradm_arg.c: fix logic 2003-08-12 12:18 spender * gradm_arg.c: resolve full path for learning 2003-08-12 10:05 spender * gradm.y, gradm_parse.c: update 2003-08-12 09:57 spender * gradm_defs.h: revert last change 2003-08-12 09:41 spender * gradm_defs.h: initialize 2003-08-12 09:00 spender * gradm.l: better error reporting when including directory 2003-08-07 14:44 spender * gradm_newlearn.c: fix 2003-08-07 14:42 spender * gradm_newlearn.c: still looking for the right numbers 2003-08-07 14:39 spender * gradm_newlearn.c: update 2003-08-07 14:36 spender * gradm_newlearn.c: updates 2003-08-07 14:35 spender * gradm_newlearn.c: update 2003-08-07 14:33 spender * gradm_newlearn.c: some more 2003-08-07 14:32 spender * gradm_newlearn.c: more changes 2003-08-07 14:31 spender * gradm_newlearn.c: more updates 2003-08-07 14:27 spender * gradm_newlearn.c: updates 2003-08-07 14:22 spender * gradm_newlearn.c: updates 2003-08-07 14:19 spender * gradm_newlearn.c: more of a gradient 2003-08-07 14:16 spender * gradm_newlearn.c: use tabbing gradient 2003-08-07 14:12 spender * gradm_newlearn.c: use tabs 2003-08-07 14:01 spender * gradm.h: fix header 2003-08-07 14:00 spender * gradm.h, grlearn.c: fix up headers 2003-08-06 09:36 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add userspace code for TPE in the rbac system 2003-08-06 09:26 spender * grlearn.c: don't kill other stuff accidentally 2003-07-29 14:52 spender * grlearn.c: don't memset the entire buffer on each read 2003-07-28 20:37 spender * gradm_newlearn.c: don't reduce /usr, i've seen it in a couple of my acls, not nice 2003-07-28 20:35 spender * gradm_newlearn.c: update protected paths 2003-07-24 15:05 spender * grlearn.c: update sizes 2003-07-23 19:16 spender * gradm_misc.c: fix reload 2003-07-23 12:44 spender * grlearn.c: update for kernel changes 2003-07-15 15:22 spender * acl: update documentation 2003-07-15 15:10 spender * gradm_newlearn.c: fix 2003-07-15 15:07 spender * gradm_newlearn.c: cleanup 2003-07-15 15:03 spender * gradm_newlearn.c: cleanup 2003-07-15 14:56 spender * gradm_arg.c: fix learning bug 2003-07-15 14:52 spender * gradm_newlearn.c: fix extraction 2003-07-15 14:36 spender * gradm_newlearn.c: fix initializer 2003-07-15 14:29 spender * gradm_newlearn.c: cleanups 2003-07-15 14:06 spender * gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.y, gradm_learn_pass1.y, gradm_learn_pass2.y: no need for ntohl 2003-07-14 19:38 spender * gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.y, gradm_learn_pass1.y, gradm_learn_pass2.y: fix endianness bugs 2003-07-14 16:41 spender * gradm_arg.c: put it back 2003-07-14 14:07 spender * gradm_parse.c: cosmetic fix 2003-07-14 13:31 spender * gradm_arg.c: fix learning log generation while rbac enabled 2003-07-10 14:06 spender * gradm_adm.c: fix several kernel daemons 2003-07-09 20:15 spender * gradm_arg.c: don't allow -F and -E 2003-07-09 17:09 spender * gradm_adm.c: fix warning 2003-07-09 11:14 spender * gradm_adm.c: add check for grlearn 2003-06-30 13:00 spender * Makefile, gradm.y, gradm_learn_pass1.y, gradm_newlearn.c, grlearn.c: cleanups thanks to peter s. mazinger, learning fix by me 2003-06-27 16:18 spender * gradm_learn_pass1.y: don't add kernel acls 2003-06-27 14:52 spender * gradm_learn_pass1.y: fix subject name 2003-06-25 20:18 spender * gradm_newlearn.c: relax thresholds a bit for better learning 2003-06-25 19:55 spender * gradm_newlearn.c: fix proto and socktype reduction 2003-06-25 15:01 spender * gradm_fulllearn_pass1.l, gradm_fulllearn_pass2.l, gradm_fulllearn_pass3.l, gradm_learn_pass1.l, gradm_learn_pass2.l, grlearn.c: update to new learning 2003-06-25 12:46 spender * gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_misc.c: add userspace portion of rbac status mechanism 2003-06-25 11:36 spender * gradm_newlearn.c: fix third pass reduction 2003-06-25 10:12 spender * gradm_arg.c: update usage 2003-06-24 17:19 spender * gradm_newlearn.c: add G to root role 2003-06-24 14:20 spender * gradm.l: allow use of more protocols 2003-06-24 12:15 spender * gradm_newlearn.c: compile fix 2003-06-23 22:56 spender * gradm_newlearn.c: fix for filenames with spaces 2003-06-23 22:29 spender * gradm_adm.c: add gradm acl when enabling full learning 2003-06-23 18:12 spender * Makefile: fix makefile 2003-06-23 15:26 spender * Makefile: fix makefile 2003-06-23 15:15 spender * Makefile: fix makefile 2003-06-23 15:01 spender * Makefile: update devfs check 2003-06-23 14:57 spender * Makefile: fix install with devfs 2003-06-22 18:55 spender * gradm_func.h: wrong function 2003-06-22 18:53 spender * gradm_func.h, gradm_learn.c: ensure default subject security on role-based learning 2003-06-22 18:05 spender * acl: update documentation 2003-06-22 17:32 spender * Makefile: put back stripping 2003-06-22 17:30 spender * Makefile, acl, gradm.8, gradm.l, gradm.y, gradm_adm.c, gradm_arg.c, gradm_defs.h, gradm_fulllearn.c, gradm_fulllearn_pass1.l, gradm_fulllearn_pass1.y, gradm_fulllearn_pass2.l, gradm_fulllearn_pass2.y, gradm_fulllearn_pass3.l, gradm_fulllearn_pass3.y, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_learn_pass1.l, gradm_learn_pass1.y, gradm_learn_pass2.l, gradm_learn_pass2.y, gradm_learner.l, gradm_learner.y, gradm_newlearn.c, gradm_opt.c, gradm_parse.c, grlearn.c: I apologize in advance for putting the security industry out of business. 2003-06-13 19:57 spender * gradm.l: make sure no one tries to make gradm suid root...god knows why 2003-06-12 10:32 spender * gradm.l: fix typo 2003-06-11 17:29 spender * gradm_analyze.c: cosmetic fix 2003-06-09 00:36 spender * gradm.8: update manpage 2003-06-07 21:06 spender * acl, gradm.l: fix up default acl for new modes, fix object modes in lexer 2003-06-06 20:30 spender * acl: update default acl 2003-06-06 18:52 spender * gradm_parse.c: error checking for modes 2003-06-06 17:21 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add creation and deletion modes, change chmod +s mode representation to m 2003-06-06 10:28 spender * gradm_opt.c: fix capabilities bug when only the default acl exists 2003-06-02 20:34 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: update modes, add auditing flag 2003-06-02 19:58 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add chmod +s object mode 2003-05-28 10:27 spender * Makefile, grlearn.c: more cleanups by peter s. mazinger 2003-05-28 10:24 spender * gradm_cap.c: cleanup by peter s. mazinger 2003-05-27 21:47 spender * Makefile, gradm_defs.h: merge patches submitted by peter s. mazinger 2003-05-27 21:42 spender * gradm.h, gradm_adm.c, gradm_nest.c, gradm_opt.c, gradm_parse.c, grlearn.c: merge patches submitted by peter s. mazinger 2003-05-27 21:40 spender * grlearn.c: set the mode during open 2003-05-24 15:43 spender * gradm_opt.c: fix inheritance bug 2003-05-16 17:59 spender * gradm.8, gradm_analyze.c, gradm_arg.c, gradm_cap.c, gradm_net.c, gradm_parse.c, gradm_res.c: more verbose errors for duplicates, ACL -> RBAC changes 2003-05-04 22:10 spender * gradm_parse.c: fix broken symlinks with globbing 2003-05-04 21:49 spender * gradm_parse.c: fix broken symlink code. 1.9.9 was correct 2003-05-03 10:33 spender * gradm_sym.c: fix up difference operator 2003-05-03 10:28 spender * gradm_sym.c: fix up difference operator 2003-05-03 10:23 spender * gradm_sym.c: fix typo 2003-05-03 10:23 spender * gradm_sym.c: update difference operator 2003-05-03 09:51 spender * gradm.l: allow comments within variable definition 2003-05-03 09:39 spender * gradm.l, gradm.y, gradm_func.h, gradm_sym.c: implement set operations on variables: AND, OR, DIFFERENCE, eg: ( & ) - 2003-04-28 18:11 spender * Makefile, gradm.l, gradm.y, gradm_defs.h, gradm_func.h, gradm_sym.c: add dynamically allocated symbol table and variable support for objects 2003-04-27 10:49 spender * gradm.l, gradm_arg.c, gradm_cap.c, gradm_opt.c: fix capability inheritance 2003-04-16 17:50 spender * gradm.l: allow use of {}'s...they just have no meaning 2003-04-16 17:40 spender * acl: update default acl 2003-04-16 17:39 spender * gradm_analyze.c: enforce hidden /dev/grsec 2003-04-16 16:59 spender * gradm_parse.c: fix 2003-04-16 16:50 spender * gradm_defs.h, gradm_parse.c: fix symlink parsing 2003-04-16 15:41 spender * gradm_learn.c, gradm_misc.c, gradm_opt.c, gradm_res.c: small speedups, only use strlen when we have to 2003-04-16 14:04 spender * gradm_adm.c: hide and protect learning process 2003-04-16 09:42 spender * gradm_adm.c, grlearn.c: fixes 2003-04-16 09:35 spender * gradm_arg.c: fix learning 2003-04-16 09:33 spender * gradm_func.h: remove func 2003-04-16 09:33 spender * gradm_misc.c: remove syslog code 2003-04-16 09:32 spender * gradm.8, gradm_arg.c, gradm_func.h, gradm_misc.c: finish up gradm integration 2003-04-16 07:44 spender * gradm_func.h: update header 2003-04-16 07:43 spender * gradm.8, gradm_adm.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_parse.c: first parts of gradm integration 2003-04-16 07:16 spender * Makefile, grlearn.c: add new learning daemon...gradm integration coming next 2003-04-15 23:04 spender * Makefile: remove pw file if upgrading to 2.0 2003-04-15 22:02 spender * Makefile: update makefile 2003-04-15 14:03 spender * gradm_nest.c: fix 2003-04-15 12:34 spender * gradm_adm.c: clean up 2003-04-15 12:20 spender * Makefile: update 2003-04-15 12:16 spender * Makefile: update makefile 2003-04-15 12:14 spender * gradm_adm.c, gradm_defs.h, gradm_misc.c: use /dev/grsec 2003-04-15 11:47 spender * Makefile: install device 2003-04-15 11:34 spender * gradm_learner.l, gradm_learner.y: update learning parser for new handling 2003-04-13 18:24 spender * gradm_nest.c: fix typo 2003-04-13 16:10 spender * gradm_parse.c: update 2003-04-13 15:46 spender * acl: update in-acl documentation 2003-04-13 15:39 spender * gradm_nest.c, gradm_opt.c: add configuration inheritance support for nested subjects, they inherit rules from their nested parents 2003-04-13 15:31 spender * gradm_opt.c: update acl inheritance 2003-04-13 15:14 spender * gradm_learner.l: update 2003-04-13 15:03 spender * gradm_learner.l: update learner 2003-04-13 14:43 spender * gradm_human.c: update 2003-04-12 21:32 spender * gradm.y, gradm_nest.c: updates 2003-04-12 21:29 spender * gradm.y: auto-add binary for nested subjects 2003-04-12 21:23 spender * gradm_arg.c, gradm_nest.c: add gradm_nest.c 2003-04-12 16:29 spender * Makefile, gradm.l, gradm.y, gradm_adm.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c: add userspace code for nested subjects 2003-04-12 13:33 spender * gradm_net.c, gradm_parse.c: fix ip acls 2003-04-06 11:08 spender * acl: add some small documentation 2003-04-05 22:57 spender * gradm.y: default action 2003-04-05 22:13 spender * gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_misc.c, gradm_net.c, gradm_opt.c, gradm_parse.c, gradm_pw.c, gradm_res.c, gradm_sha256.c: lindent code 2003-04-05 19:14 spender * gradm.l: add transition debugging 2003-04-05 19:09 spender * acl: update default acl 2003-04-05 19:07 spender * acl: add role transition 2003-04-05 18:51 spender * gradm_func.h: add define 2003-04-05 18:46 spender * gradm.h, gradm.l, gradm.y, gradm_analyze.c, gradm_defs.h, gradm_parse.c: implement userspace code for role transition tables 2003-04-05 18:13 spender * gradm_parse.c: compile fix 2003-04-05 14:06 spender * gradm.y, gradm_defs.h, gradm_func.h, gradm_learn.c, gradm_learner.y, gradm_parse.c: make role type 16bit 2003-04-05 11:37 spender * acl: update default acl 2003-04-05 10:38 spender * acl: update default acl 2003-04-05 09:57 spender * gradm_arg.c, gradm_parse.c, gradm_pw.c: don't log mlock when non-root 2003-04-05 09:42 spender * gradm.8, gradm_arg.c: add new arg 2003-04-05 09:21 spender * gradm_parse.c: updates 2003-04-05 08:55 spender * gradm_analyze.c: skip analysis for special roles 2003-04-05 08:53 spender * gradm_pw.c: fix pw replace 2003-04-05 08:48 spender * gradm_parse.c: compile fix 2003-04-05 08:45 spender * Makefile: update makefile 2003-04-05 08:42 spender * gradm_arg.c: update getopt 2003-04-05 08:41 spender * gradm_adm.c: update kernel role 2003-04-05 08:34 spender * gradm_pw.c: fix typo 2003-04-05 08:31 spender * gradm_arg.c, gradm_pw.c: update 2003-04-05 08:30 spender * gradm_func.h: update header 2003-04-05 08:28 spender * gradm_parse.c: fix typo 2003-04-05 08:28 spender * gradm_defs.h: add back define 2003-04-05 08:27 spender * gradm_defs.h: compile fix 2003-04-05 08:25 spender * gradm_parse.c: update dupe check 2003-04-05 08:23 spender * gradm_parse.c: update parser 2003-04-05 08:22 spender * gradm.l, gradm_defs.h: update headers 2003-04-05 08:19 spender * gradm_defs.h: compile fix 2003-04-05 08:18 spender * gradm_arg.c, gradm_func.h, gradm_parse.c, gradm_pw.c: finish special roles 2003-04-05 07:43 spender * gradm_arg.c, gradm_parse.c, gradm_adm.c, gradm_func.h: updates for special roles 2003-04-04 22:39 spender * gradm_arg.c, gradm_defs.h, gradm_pw.c: implement password handling routines for new special roles 2003-04-04 21:24 spender * Makefile: update makefile 2003-04-04 21:24 spender * gradm_defs.h: update defines 2003-04-03 13:28 spender * gradm_defs.h, gradm.y: fix typo 2003-04-03 13:28 spender * gradm.y: tokenize ROLE_ALLOW_IP 2003-04-03 13:26 spender * gradm.y: type ip_netmask 2003-04-03 13:04 spender * gradm.h, gradm_defs.h, gradm_parse.c: add ips to gr_arg 2003-04-03 12:46 spender * gradm_defs.h: update 2003-04-03 12:45 spender * gradm.l, gradm.y, gradm_defs.h, gradm_func.h, gradm_net.c: add first bit of userspace code for ip-based roles 2003-04-03 10:06 spender * gradm_analyze.c: small speedup 2003-04-03 09:26 spender * gradm_parse.c: update learning mode 2003-04-03 09:15 spender * gradm.l: update lexer 2003-04-03 09:13 spender * gradm.y: remove debugging 2003-04-03 08:57 spender * gradm_human.c: update learning 2003-04-03 08:46 spender * gradm_func.h: update declarations 2003-04-03 08:43 spender * gradm_defs.h, gradm_learn.c: add userspace code for new learning 2003-04-03 08:26 spender * gradm_learner.l, gradm_learner.y: update parser for learning 2003-04-03 07:29 spender * gradm_analyze.c: skip kernel and admin for acl checks 2003-04-03 07:25 spender * gradm_analyze.c: enable analysis 2003-04-03 06:31 spender * gradm_parse.c: update 2003-04-03 00:34 spender * gradm_adm.c: update acl 2003-04-03 00:33 spender * gradm.l: update 2003-04-03 00:30 spender * gradm_parse.c: updates 2003-04-03 00:17 spender * gradm_adm.c, gradm_arg.c: updates 2003-04-03 00:14 spender * gradm.y, gradm_adm.c, gradm_arg.c, gradm_func.h, gradm_parse.c: updates 2003-04-03 00:06 spender * gradm_parse.c: add admin and kernel acls 2003-04-02 23:51 spender * gradm.l, gradm_parse.c: updates 2003-04-02 23:15 spender * gradm_analyze.c: compile fix 2003-04-02 23:07 spender * gradm_func.h: compile fix 2003-04-02 22:12 spender * gradm_analyze.c: update logging 2003-04-02 22:09 spender * gradm_analyze.c: fix acl analysis 2003-04-02 22:04 spender * gradm_analyze.c: fix acl analysis 2003-04-02 21:47 spender * gradm_analyze.c: update analysis 2003-04-02 21:16 spender * acl: add G to default, allows for authentication to kernel 2003-04-02 20:46 spender * gradm_adm.c: updates 2003-04-02 20:32 spender * gradm.l, gradm_adm.c, gradm_defs.h, gradm_parse.c: updates 2003-04-02 10:11 spender * gradm_misc.c: add authentication error reporting 2003-03-31 19:33 spender * gradm.l: add error detection 2003-03-31 19:30 spender * gradm.l: fix commenting 2003-03-29 20:36 spender * gradm_arg.c: fix learning for syslogng 2003-03-29 09:42 spender * gradm.l: keep states during include 2003-03-28 18:15 spender * acl, gradm.l, gradm.y, gradm_func.h, gradm_misc.c, gradm_parse.c: implement recursive parser, correct include directive 2003-03-28 17:47 spender * gradm_parse.c, gradm_human.c: fix typo 2003-03-28 17:22 spender * Makefile, gradm.h: dietlibc updates 2003-03-27 22:31 spender * gradm.y, gradm_adm.c, gradm_defs.h, gradm_learn.c, gradm_opt.c, gradm_parse.c: better symlink/globbing code 2003-03-23 13:46 spender * gradm.h: update header 2003-03-22 22:31 spender * gradm_arg.c, gradm_parse.c, gradm_pw.c: lock authentication structures into physical memory 2003-03-17 18:17 spender * gradm_parse.c: stat fix 2003-03-16 22:28 spender * gradm_parse.c: update dupe checks 2003-02-25 17:32 spender * gradm_adm.c: allow no socket ops for gradm 2003-02-25 16:57 spender * gradm_arg.c: fix -L arg handling 2003-02-21 21:42 spender * gradm_defs.h, gradm_human.c, gradm_parse.c: protprocpid -> protprocfd 2003-02-21 21:37 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add log suppression, process accounting, update globbing behavior 2003-02-20 07:49 spender * gradm_parse.c: update glob error reporting 2003-02-06 07:25 spender * gradm_learner.l: fix support for some syslog-ng installs 2003-01-29 11:17 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add new proc fd/mem restriction subject flag 2003-01-22 20:31 spender * gradm.l, gradm_defs.h, gradm_parse.c: throw in the beginnings of special roles 2003-01-20 14:00 spender * gradm_adm.c: fix kernel acl 2003-01-19 18:55 spender * gradm_adm.c: fix typo 2003-01-19 18:51 spender * gradm.y: fix internal acl adding 2003-01-19 13:18 spender * acl, gradm.l, gradm_defs.h, gradm_opt.c, gradm_parse.c: remove o object mode, it's silly 2003-01-17 22:41 spender * gradm_adm.c: fix keventd incompatibility 2003-01-17 18:52 spender * gradm_defs.h: fix compilation on m68k 2003-01-16 17:22 spender * gradm_learner.y: fix resource learning 2003-01-15 23:31 spender * Makefile, acl, gradm.8, gradm.h, gradm.l, gradm.y, gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_learner.l, gradm_learner.y, gradm_misc.c, gradm_net.c, gradm_opt.c, gradm_parse.c, gradm_pw.c, gradm_res.c, gradm_sha256.c: Initial revision 2003-01-15 23:31 spender * Makefile, acl, gradm.8, gradm.h, gradm.l, gradm.y, gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_learner.l, gradm_learner.y, gradm_misc.c, gradm_net.c, gradm_opt.c, gradm_parse.c, gradm_pw.c, gradm_res.c, gradm_sha256.c: initial import of gradm 2.0-pre1