2004-06-23 16:57 spender * gradm.h, gradm_adm.c: use glibc elf headers 2004-04-14 13:14 spender * gradm_defs.h: update version 2004-02-21 09:22 spender * gradm.h, gradm_res.c: fix defines 2004-02-18 12:54 spender * gradm_defs.h: version update 2003-12-15 09:00 spender * gradm_arg.c: revert change 2003-12-15 08:53 spender * gradm.h: add header 2003-12-15 08:50 spender * gradm_arg.c: set exclusive bit on terminal 2003-11-18 13:13 spender * debian_secure_acls/mysqld: add tmp rule 2003-11-18 13:10 spender * debian_secure_acls/apache: add mysql rule 2003-11-18 12:58 spender * debian_secure_acls/sshd: allow access to .ssh 2003-11-18 12:55 spender * gradm.h: update header 2003-11-18 12:53 spender * gradm_defs.h: update version 2003-09-01 23:09 spender * gradm_defs.h: update version 2003-07-10 14:05 spender * gradm_adm.c: fix several kernel daemons 2003-06-23 18:28 spender * gradm_analyze.c: compile fix 2003-06-23 01:23 spender * gradm_defs.h: update version 2003-06-21 13:10 spender * acl: update default acl 2003-06-21 12:06 spender * acl, gradm_analyze.c: update default acl, add additional enforcements 2003-06-13 11:54 spender * gradm_defs.h: update version 2003-06-11 17:29 spender * gradm_analyze.c: cosmetic fix 2003-06-06 10:28 spender * gradm_opt.c: fix typo 2003-06-06 10:26 spender * gradm_opt.c: fix capabilities bug when only the default acl exists 2003-05-27 21:39 spender * Makefile, gradm_cap.c, gradm_defs.h: merge patches sent by peter s. mazinger 2003-05-24 15:41 spender * gradm_opt.c: fix inheritance bug 2003-05-05 20:57 spender * gradm_defs.h: update version 2003-05-04 22:12 spender * gradm_parse.c: fix typo 2003-05-04 22:09 spender * gradm_parse.c: fix broken symlinks with globbing 2003-05-04 21:48 spender * gradm_parse.c: update symlink code, no need for lstat after we resolve the real path 2003-04-27 10:47 spender * gradm.l, gradm_cap.c, gradm_opt.c: fix capability inheritance 2003-04-19 16:41 spender * gradm_defs.h: update version 2003-04-19 13:08 spender * acl: update default acl 2003-04-16 17:01 spender * gradm_parse.c: fix 2003-04-16 15:34 spender * gradm_learn.c, gradm_misc.c, gradm_opt.c, gradm_parse.c, gradm_res.c: small speedups, don't use strlen when we don't have to 2003-04-13 19:20 spender * acl: update default acl 2003-04-13 15:15 spender * gradm_learner.l: update 2003-04-13 15:01 spender * gradm_learner.l: update learner 2003-04-13 14:45 spender * gradm_human.c: update 2003-04-13 14:42 spender * gradm_human.c: update 2003-04-06 15:43 spender * acl, debian_secure_acls/default: update acls 2003-04-05 22:13 spender * gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_misc.c, gradm_net.c, gradm_opt.c, gradm_parse.c, gradm_pw.c, gradm_res.c, gradm_sha256.c: lindent code 2003-04-03 10:06 spender * gradm_analyze.c: small speedup 2003-04-02 22:11 spender * gradm_analyze.c: update logging 2003-04-02 22:09 spender * gradm_analyze.c: fix acl analysis 2003-04-02 22:05 spender * gradm_analyze.c: fix acl analysis 2003-04-02 10:07 spender * gradm_misc.c: add enomem reporting 2003-03-29 20:35 spender * gradm_arg.c: fix learning for syslogng 2003-03-29 19:12 spender * gradm_parse.c: fix typo 2003-03-29 19:11 spender * gradm_parse.c: better error reporting 2003-03-29 19:07 spender * gradm_parse.c: better error reporting 2003-03-29 19:04 spender * gradm_defs.h, gradm_parse.c: better error reporting 2003-03-28 17:22 spender * Makefile: sparc64 update 2003-03-28 16:24 spender * Makefile, gradm.h: dietlibc updates 2003-03-27 22:02 spender * gradm_parse.c: compile fix 2003-03-27 21:54 spender * gradm_parse.c: fix duplicate bug with globbing 2003-03-27 21:47 spender * gradm_parse.c: fix duplicate bug with globbing 2003-03-27 21:42 spender * gradm.y, gradm_defs.h, gradm_learn.c, gradm_parse.c: add GR_FLEARN, GR_GLOB 2003-03-27 21:33 spender * gradm.y, gradm_adm.c, gradm_defs.h, gradm_opt.c, gradm_parse.c: fix duplicate bug with globbing 2003-03-23 13:46 spender * gradm.h: update header 2003-03-22 22:29 spender * gradm_arg.c: compile fix 2003-03-22 22:25 spender * gradm_arg.c, gradm_parse.c, gradm_pw.c: compile fix 2003-03-22 22:23 spender * gradm_adm.c, gradm_arg.c, gradm_parse.c, gradm_pw.c: lock password into physical memory 2003-03-21 07:18 spender * debian_secure_acls/sshd: revert change 2003-03-20 17:52 spender * debian_secure_acls/sshd: fix typo 2003-03-19 09:26 spender * gradm_defs.h: update gradm version to match kernel version 2003-03-18 18:50 spender * gradm_misc.c: compile fix 2003-03-18 17:29 spender * gradm_misc.c: compile fix 2003-03-18 17:20 spender * gradm_misc.c: compile fix 2003-03-18 17:17 spender * gradm_misc.c: update authentication reporting 2003-03-17 19:42 spender * gradm_parse.c: compile fix 2003-03-17 19:41 spender * gradm_parse.c: update logging 2003-03-17 19:37 spender * gradm_parse.c: update logging 2003-03-17 19:24 spender * gradm_parse.c: update logging 2003-03-17 19:19 spender * gradm_parse.c: more verbose logging 2003-03-17 19:13 spender * gradm_parse.c: fixes 2003-03-17 19:01 spender * gradm_parse.c: compile fixes 2003-03-17 18:57 spender * gradm_parse.c: symlink fixes 2003-03-17 18:17 spender * gradm_parse.c: fix stat 2003-03-16 22:12 spender * gradm_parse.c: clean up 2003-03-16 21:57 spender * gradm_parse.c: compile fix 2003-03-16 21:55 spender * gradm_parse.c: fix dupe checks 2003-02-25 17:29 spender * gradm_adm.c: allow no socket ops for gradm 2003-02-25 16:56 spender * gradm_arg.c: fix -L arg handling 2003-02-21 21:22 spender * gradm_parse.c: change globbing behavior so it fills in rules instead of attempting to replace them. thus the rules /etc/* h and /etc/mtab rw are valid 2003-02-20 19:30 spender * gradm.l, gradm_analyze.c, gradm_defs.h, gradm_human.c, gradm_parse.c: add log suppression and process accounting, remove read only ptrace auditing, it's not implemented, and wouldn't be useful as it would flood logs 2003-02-20 07:47 spender * gradm_parse.c: update glob error reporting 2003-02-18 13:32 spender * acl: hide /boot for kernel symbol hiding 2003-02-12 22:43 spender * acl, gradm_analyze.c: enforce removal of cap_sys_tty_config 2003-02-11 09:58 spender * acl, gradm_analyze.c: enforce -CAP_SYS_ADMIN 2003-02-06 07:25 spender * gradm_learner.l: fix support for some syslog-ng installs 2003-02-03 21:08 spender * debian_secure_acls/sshd: update debian ACLs 2003-02-01 11:21 spender * gradm_adm.c: add proc fd/mem protection to gradm 2003-01-29 16:49 spender * gradm_defs.h: compile fix 2003-01-29 09:31 spender * acl, gradm.l, gradm_human.c, gradm_parse.c: add net proc fd/mem protection subject flag 2003-01-23 11:40 spender * acl: remove cap_sys_ptrace in default acl 2003-01-20 15:11 spender * gradm.l: fix comment bug 2003-01-20 14:20 spender * acl: update default acl 2003-01-20 14:00 spender * gradm_adm.c: fix kernel acl 2003-01-19 18:56 spender * gradm_adm.c: fix typo 2003-01-19 18:54 spender * gradm_adm.c: fix internal acl adding 2003-01-19 18:50 spender * gradm.y: fix internal acl adding 2003-01-19 13:18 spender * acl, gradm_defs.h, debian_secure_acls/xfree86: update acls 2003-01-19 13:14 spender * gradm_opt.c, gradm_parse.c: get rid of o object flag, it's silly 2003-01-17 22:39 spender * gradm_adm.c: fix keventd compatibility 2003-01-17 18:51 spender * gradm_defs.h: fix compile error on m68k 2003-01-16 11:40 spender * gradm_learner.y: fix resource learning 2003-01-15 20:35 spender * gradm_func.h, gradm_learn.c, gradm_learner.l, gradm_learner.y: error recovery for learning logs 2003-01-15 18:39 spender * gradm_human.c: add PROTSHM to human flags 2003-01-14 21:21 spender * Makefile: remove debugging 2003-01-14 21:21 spender * Makefile, gradm.h, gradm_parse.c: add globbing support for objects 2003-01-13 15:44 spender * gradm_defs.h: update version 2003-01-13 15:43 spender * Makefile: update makefile for sparc64 2003-01-12 23:18 spender * debian_secure_acls/: apache, getty, inetd, klogd, postfix, tcpd: update debian secure acls 2003-01-12 23:11 spender * gradm.8, gradm.l, gradm.y, gradm_analyze.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_opt.c, gradm_parse.c: update userspace code to match new kernel code 2002-12-31 10:47 spender * gradm_adm.c: compile fix 2002-12-31 10:44 spender * gradm.l, gradm.y, gradm_adm.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_opt.c, gradm_parse.c: remove capability inheritance, broken and not needed 2002-12-18 23:05 spender * gradm_pw.c: fix password restriction 2002-12-18 22:20 spender * Makefile: update makefile for new pw format 2002-12-18 22:12 spender * Makefile, gradm.h, gradm_defs.h, gradm_sha256.c: rip out sha1, use sha256 2002-12-18 21:36 spender * gradm_pw.c: enforce a minimum of 6 character passwords 2002-12-18 15:08 spender * acl: update default acl 2002-12-18 11:05 spender * gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_learn.c: __kernel_dev_t -> unsigned short, fix sha1 implementation for 64bit archs 2002-12-18 07:40 spender * Makefile, gradm.l, gradm_res.c: fix comment syntax, fix makefile 2002-12-17 14:57 spender * Makefile, gradm_analyze.c: update makefile and cleanup thanks to peter s mazinger 2002-12-16 10:55 spender * gradm_analyze.c: fix typo 2002-12-15 22:17 spender * acl, debian_secure_acls/syslogd: update acls 2002-12-14 22:02 spender * debian_secure_acls/postfix: postfix can't use randexec 2002-12-14 20:33 spender * debian_secure_acls/postfix: postfix can handle randexec now 2002-12-14 16:15 spender * debian_secure_acls/tcpd: add tcpd acl 2002-12-14 15:17 spender * acl: update default acl 2002-12-14 14:26 spender * acl, debian_secure_acls/cron, debian_secure_acls/ipop3d, debian_secure_acls/klogd, debian_secure_acls/login, debian_secure_acls/sshd, debian_secure_acls/syslogd: update acls for unix domain changes 2002-12-14 14:00 spender * acl, gradm_analyze.c: update default acl, protect /dev/log 2002-12-13 10:46 spender * gradm_learner.l: add support for metalog and syslogng 2002-12-10 21:12 spender * gradm_analyze.c: fix some small bugs in new mode...as an additional note, Makefile changes are credited to Peter S. Mazinger 2002-12-10 20:57 spender * Makefile, gradm.l, gradm_analyze.c, gradm_defs.h, gradm_human.c, gradm_parse.c: implement new userspace mode, T, which ensures a process can't execute any trojaned code 2002-12-10 17:38 spender * gradm_analyze.c: add ptrace to -T option 2002-12-10 16:08 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add userspace code needed for read-only ptrace 2002-12-10 15:23 spender * acl, gradm_analyze.c, debian_secure_acls/default: enforce /dev/port hidden 2002-12-09 20:19 spender * gradm_parse.c: fix RES_CRASH for non-existant subjects 2002-12-06 21:05 spender * gradm_pw.c: fclose -> close 2002-12-06 21:04 spender * gradm_pw.c: fix pw code 2002-12-05 09:22 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: userspace code for two new subject flags 2002-12-01 19:02 spender * gradm.y: make objects for subjects have override flag...fixes case where binary is hidden in parent ACL, but an ACL exists for the subject, and o isn't specified for the subject 2002-12-01 14:49 spender * gradm_pw.c: fall back on urandom 2002-11-25 12:39 spender * debian_secure_acls/postfix: smtp can't use randexec 2002-11-25 10:59 spender * debian_secure_acls/init: fix typo 2002-11-24 18:39 spender * debian_secure_acls/ipop3d: ipop3d can't use randexec 2002-11-24 09:33 spender * debian_secure_acls/default: include dir 2002-11-23 20:11 spender * debian_secure_acls/: apache, cron, default, getty, inetd, init, ipop3d, klogd, login, mysqld, postfix, sshd, syslogd, xfree86: add a secure set of debian acls 2002-11-23 14:45 spender * gradm_analyze.c: enforce /proc/kcore h 2002-11-21 18:23 spender * gradm_defs.h: enforce type sizes 2002-11-20 20:15 spender * gradm.l, gradm_defs.h, gradm_parse.c: remove GR_EXISTS, add GR_PROTSHM - shared memory protection via process flag soon to be implemented in kernel 2002-11-19 21:48 spender * acl: add initctl 2002-11-19 21:27 spender * acl: add tty 7 + 8 2002-11-19 19:31 spender * acl: make /proc/kcore hidden 2002-11-19 18:12 spender * acl: add some more to default acl 2002-11-19 16:35 spender * acl: add /dev/zero 2002-11-19 16:11 spender * acl, gradm_analyze.c: add /dev/urandom, /dev/random, /dev/input, /dev/psaux 2002-11-19 15:56 spender * acl: add /dev/mixer 2002-11-19 15:55 spender * acl: add /dev/dsp 2002-11-19 15:43 spender * gradm_analyze.c: enforce /dev r 2002-11-19 15:41 spender * acl: update default acl 2002-11-17 09:39 spender * gradm_arg.c, gradm_parse.c: zero info passed to kernel once we're done with it 2002-11-16 10:25 spender * gradm_adm.c, gradm_func.h, gradm_parse.c: implement kernel process hiding 2002-11-13 12:51 spender * gradm_func.h: compile fix 2002-11-13 12:50 spender * gradm_analyze.c, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_learner.l, gradm_learner.y, gradm_opt.c, gradm_parse.c: finish u16 -> u32 conversion 2002-11-10 22:28 spender * gradm_defs.h: version increment 2002-11-06 16:54 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: randomized stack isn't configurable per process 2002-11-06 16:36 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_opt.c, gradm_parse.c: implement the pax flags in the ACL system 2002-11-04 11:11 spender * gradm_func.h, gradm_pw.c: cleanups, thanks to peter s mazinger 2002-11-01 07:37 spender * gradm_parse.c: fix bug 2002-10-31 22:04 spender * gradm_defs.h: fixes 2002-10-31 20:19 spender * gradm.l, gradm_defs.h, gradm_human.c, gradm_parse.c: add ignore flag 2002-10-31 16:16 spender * gradm_arg.c, gradm_pw.c: put sum handling in userspace 2002-10-31 15:36 spender * gradm_defs.h: sync up with kernel 2002-10-31 12:42 spender * gradm_defs.h, gradm_parse.c: sync userspace with kernel 2002-10-08 13:32 spender * gradm_parse.c: revert lstat change, need some other way to represent that you want the acl to be placed on the symlink itself 2002-10-07 22:06 spender * gradm_parse.c: use lstat for objects so symlinks can be represented in the config 2002-09-27 15:00 spender * gradm.y, gradm_adm.c, gradm_func.h: remove add_binary_libs for now...add your own library acls 2002-09-20 07:23 spender * gradm_analyze.c, gradm_arg.c: compile fix, cleanup 2002-09-19 20:50 spender * acl, gradm_analyze.c: enforce read only /root 2002-09-19 14:59 spender * gradm_func.h, gradm_opt.c, gradm_parse.c: remove acl_is_needed -> can't use it because of symlinks 2002-09-19 11:29 spender * gradm_adm.c: fix admin mode 2002-09-18 13:22 spender * gradm_arg.c: fix broken getopt 2002-09-17 11:16 spender * gradm.h, gradm_defs.h: fix HZ 2002-09-16 11:37 spender * gradm_analyze.c: permit writable subject acls: needed when the acl system is being used in a non-universal manner 2002-09-11 16:51 spender * gradm_misc.c: update syslog check 2002-09-08 10:31 spender * gradm_defs.h, gradm_res.c: fix segvguard 2002-09-08 10:19 spender * gradm_res.c: remove debugging 2002-09-08 10:19 spender * gradm_res.c: fix segvguard 2002-09-05 11:16 spender * Makefile: add license 2002-09-05 11:07 spender * Makefile: add license 2002-09-05 11:04 spender * Makefile: add license 2002-09-05 11:01 spender * Makefile: add license 2002-09-05 10:52 spender * gradm_human.c: fix learning mode output 2002-09-04 11:28 spender * gradm.h: clean up header, thanks to peter s. mazinger 2002-09-03 10:15 spender * gradm.h, gradm.y, gradm_learner.l, gradm_learner.y: header cleanups, thanks to peter s. mazinger 2002-08-31 18:51 spender * Makefile: remove debugging 2002-08-31 16:20 spender * gradm.l, gradm.y, gradm_func.h, gradm_learn.c, gradm_net.c: fix ip acls 2002-08-31 14:42 spender * gradm.l, gradm_defs.h, gradm_parse.c: remove debugging 2002-08-29 18:57 spender * gradm.y, gradm_human.c: rdm support 2002-08-29 18:29 spender * gradm.y, gradm_adm.c, gradm_human.c: add rdp support 2002-08-29 11:23 spender * gradm_adm.c: fix gradm subject 2002-08-27 14:12 spender * Makefile, gradm.l, gradm_learn.c, gradm_learner.l: fix learning mode crash 2002-08-27 13:53 spender * gradm_learn.c: null check in add_learn_file_info 2002-08-27 13:17 spender * gradm_adm.c, gradm_parse.c: code cleanup thanks to the pax team 2002-08-26 13:03 spender * gradm.l, gradm.y: fix lex parser 2002-08-26 12:28 spender * gradm_learn.c: learning mode update 2002-08-26 11:25 spender * gradm_func.h, gradm_learn.c, gradm_learner.l: update learning mode 2002-08-26 11:09 spender * Makefile, gradm.l, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_learner.l, gradm_res.c: code cleanup 2002-08-26 10:47 spender * gradm.y, gradm_human.c: fix disabled in ip acls 2002-08-23 20:26 spender * gradm_human.c: don't introduce any ip acls in learning mode if none exist before 2002-08-23 16:40 spender * gradm.y: fix proto 0 for udp also 2002-08-23 16:18 spender * gradm.y: fix protocol 0 2002-08-23 15:59 spender * gradm.l: fix type parsing 2002-08-23 15:55 spender * gradm_misc.c, gradm_res.c: code cleanup 2002-08-22 13:32 spender * gradm_learner.l: fix crash 2002-08-22 11:23 spender * gradm_misc.c: close /etc/syslog.conf 2002-08-22 10:11 spender * gradm_human.c: fix subject mode human output 2002-08-22 09:31 spender * gradm_misc.c: better handling of /etc/syslog.conf 2002-08-21 19:21 spender * gradm.8: clarify -L in manpage 2002-08-21 18:19 spender * gradm_human.c: fix netmask -> int code 2002-08-21 18:13 spender * gradm.y, gradm_human.c: fix ip acl learning 2002-08-21 14:17 spender * gradm_learner.l: fix learn log parsing 2002-08-18 07:12 spender * gradm_parse.c, gradm_res.c: update segvguard code 2002-08-15 15:47 spender * gradm.h, gradm_defs.h, gradm_human.c, gradm_learn.c, gradm_learner.l, gradm_learner.y: ip acl learning 2002-08-15 13:48 spender * Makefile, gradm.l, gradm.y, gradm_func.h, gradm_learn.c, gradm_learner.l, gradm_learner.y, gradm_parse.c, gradm_res.c: fix ip protocols, introduce lex parser for learning log parsing 2002-08-14 18:26 spender * acl, gradm.y, gradm_defs.h, gradm_func.h, gradm_net.c: code cleanup 2002-08-14 16:36 spender * gradm.y, gradm_defs.h, gradm_func.h, gradm_net.c, gradm_parse.c: finish rest of userspace support for ip acls 2002-08-14 10:18 spender * gradm.y: compile fix 2002-08-14 09:33 spender * gradm.y: fix sockets 2002-08-14 09:14 spender * gradm.h, gradm.l, gradm.y, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_misc.c, gradm_net.c, gradm_parse.c: speed up mode conversion, add socket() handling support, support all protocols 2002-08-13 20:26 spender * gradm.y, gradm_defs.h, gradm_func.h, gradm_net.c: make single port member 2002-08-13 16:32 spender * gradm.y, gradm_defs.h, gradm_func.h, gradm_net.c: add ip mode 2002-08-13 16:23 spender * gradm_parse.c: add position setting 2002-08-13 16:19 spender * gradm.l, gradm.y, gradm_defs.h, gradm_func.h, gradm_net.c, gradm_parse.c: complete usermode handling of ip acls 2002-08-13 14:10 spender * gradm_net.c: parse ip 2002-08-13 13:58 spender * gradm.l, gradm.y, gradm_func.h, gradm_net.c: fix lex grammar, add ip port parsing 2002-08-13 12:28 spender * Makefile, gradm.h, gradm.l, gradm.y, gradm_adm.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_learn.c, gradm_net.c, gradm_parse.c: optimize lex parser, add more debugging, reduce memory usage, add beginnings of ip/port acls 2002-08-12 13:30 spender * gradm.l, gradm_learn.c: fix acl insertion, queue removal 2002-08-10 11:19 spender * gradm_human.c, gradm_learn.c: fix learning mode bugs 2002-08-09 18:09 spender * gradm.y, gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_human.c, gradm_learn.c: fix learning mode 2002-08-09 09:40 spender * gradm.l, gradm_defs.h, gradm_parse.c: fix inexistant object handling 2002-08-08 18:46 spender * gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_res.c: resource learning :) 2002-08-08 14:43 michael * gradm_adm.c: doh 2002-08-08 14:41 michael * gradm_adm.c: readlink doesn't guarantee NULL termination 2002-08-08 13:03 spender * acl, gradm_analyze.c: change default acl 2002-08-08 10:06 spender * acl, gradm_cap.c, gradm_human.c, gradm_parse.c: make inherited capabilities separate of regular capabilities, fix admin inode 2002-08-07 21:06 spender * Makefile, acl, gradm.8, gradm.h, gradm.y, gradm_adm.c, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_human.c, gradm_learn.c, gradm_misc.c, gradm_opt.c, gradm_parse.c: learning mode@#0 2002-08-02 11:14 spender * gradm.y: fix warning 2002-08-02 11:00 spender * gradm.8, gradm.l, gradm_arg.c, gradm_defs.h, gradm_parse.c: implement learning mode as acl subject flag 2002-08-01 18:09 spender * acl: update default acl 2002-07-26 08:08 spender * acl: update default acl 2002-07-24 17:54 spender * gradm.8, gradm_arg.c: update manpage and -M 2002-07-24 16:44 spender * gradm.h, gradm.l, gradm_adm.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_parse.c, gradm_res.c: add beginnings of learning mode, segvguard...reload mode added 2002-07-24 08:55 spender * acl: update default acl 2002-07-23 20:34 spender * acl: update default acl 2002-07-23 12:52 spender * Makefile: remove debugging 2002-07-23 11:28 spender * Makefile, gradm.l, gradm.y, gradm_defs.h, gradm_func.h, gradm_parse.c, gradm_res.c: add process-based resource restrictions 2002-07-22 15:52 spender * gradm_adm.c: keep even god from accessing /etc/grsec.. 2002-07-22 15:32 spender * Makefile, acl, gradm_adm.c, gradm_analyze.c: tighten down gradm permissions, fix testing mode, compile gradm as static, update makefile 2002-07-21 09:21 spender * gradm_parse.c: removed debug msg 2002-07-21 09:16 spender * Makefile: update makefile 2002-07-21 09:14 spender * gradm.l, gradm_adm.c, gradm_parse.c: fix positions 2002-07-20 15:28 spender * gradm_func.h, gradm_opt.c, gradm_parse.c: fix acl problem right 2002-07-20 15:15 spender * Makefile: don't use debugging 2002-07-20 15:15 spender * Makefile, gradm_func.h, gradm_opt.c, gradm_parse.c: fix acl problem 2002-07-18 19:10 spender * acl: add /proc/ksyms h to default acl 2002-07-18 08:33 spender * acl: update default acl 2002-07-17 17:16 spender * gradm_analyze.c: fixes and updates 2002-07-17 12:48 spender * acl, gradm.8, gradm_analyze.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c: remove verbose mode, all warnings are now full errors. add permission testing mode, updated default acl hides /boot, /dev/kmem, /dev/mem. manpage updated 2002-07-17 09:21 spender * acl, gradm.h, gradm_adm.c, gradm_analyze.c, gradm_arg.c, gradm_misc.c, gradm_opt.c, gradm_parse.c, gradm_pw.c: lsm2002 work 2002-07-03 17:11 spender * Makefile: remove debug 2002-07-03 16:54 spender * Makefile, gradm.8, gradm.l, gradm_adm.c, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_parse.c: remove auth mode...will be implemented in a later version 2002-07-03 13:19 spender * gradm.8, gradm_defs.h: header cleanups, manpage revision 2002-07-02 16:23 spender * Makefile: minor cleanup 2002-07-02 16:17 spender * Makefile: no -Wall 2002-07-02 16:16 spender * Makefile, gradm_analyze.c, gradm_cap.c, gradm_func.h, gradm_opt.c, gradm_parse.c: makefile cleanup and minor code cleanups 2002-07-02 15:12 spender * gradm_analyze.c: fix default acl object checks 2002-07-02 14:59 spender * gradm_cap.c: fix capabilities 2002-06-27 15:29 spender * gradm.l, gradm_cap.c: better debugging, fixed capabilities 2002-06-22 11:00 spender * gradm_arg.c: small option cleanup 2002-06-21 08:49 spender * gradm.l: add debug 2002-06-20 19:11 spender * gradm.h: add elf header checking 2002-06-20 09:18 spender * gradm_misc.c: sanity check 2002-06-20 09:08 spender * gradm_misc.c: fix up parent_dir 2002-06-19 14:16 spender * gradm_analyze.c: add subject write checks 2002-06-17 18:47 spender * gradm_parse.c: fix warning 2002-06-17 17:59 spender * gradm_parse.c: fix gr_arg conversion for other libcs 2002-06-17 17:08 spender * gradm_parse.c: fix process pipe problems 2002-06-17 09:46 spender * gradm_analyze.c: fix capability checking 2002-06-15 13:30 spender * gradm_analyze.c, gradm_func.h, gradm_parse.c, gradm_pw.c: added default object checking, gradm acl, removed dependency on CAP_IPC_LOCK 2002-06-15 11:23 spender * gradm_opt.c: fix user error correctly 2002-06-15 09:15 spender * gradm_parse.c: remove relative path support...too much of a hassle 2002-06-14 18:09 spender * gradm.l, gradm_analyze.c, gradm_opt.c: fix silly user override errors 2002-06-13 21:22 spender * gradm_opt.c: third time's the charm 2002-06-13 21:19 spender * gradm_opt.c: fix capability inheritance...again 2002-06-13 21:14 spender * gradm_opt.c: fix capability inheritance 2002-06-13 21:08 spender * gradm_cap.c: code cleanup 2002-06-13 21:06 spender * gradm_cap.c, gradm_opt.c: fix a capability inheritance conflict issue 2002-06-13 12:58 spender * gradm.y: fix include bug 2002-06-12 17:53 spender * gradm_parse.c: removed printf 2002-06-12 17:40 spender * gradm_analyze.c, gradm_misc.c, gradm_opt.c, gradm_parse.c: fix calloc 2002-06-12 12:51 spender * Makefile, gradm_cap.c: removed CAP_FS_MASK and updated Makefile, thanks to Peter S. Mazinger 2002-06-11 17:20 spender * gradm.8, gradm_arg.c, gradm_defs.h: remove reload mode 2002-06-11 14:22 spender * gradm_pw.c: restore term flags if exited during pw entry - thanks to the owl 2002-06-08 11:41 spender * gradm_analyze.c: added /dev/kmem and /dev/mem checking 2002-06-08 11:37 spender * Makefile, acl, gradm_analyze.c, gradm_cap.c, gradm_defs.h, gradm_parse.c: fixed capabilities, updated default acl, added library path checking, lilo config checking, capability checking for analysis 2002-06-07 13:29 spender * gradm_parse.c: fixed auth/admin modes 2002-06-07 10:54 spender * gradm.l: regexp fixes 2002-06-07 10:37 spender * gradm.l, gradm_parse.c: fixed modes, filename regexp, thanks to Peter S. Mazinger 2002-06-06 11:17 spender * gradm_parse.c: fix path warnings 2002-06-06 09:48 spender * Makefile: fix makefile. patch provided by peter s. mazinger 2002-06-05 12:50 spender * acl, gradm.l, gradm_defs.h, gradm_opt.c, gradm_parse.c: added process acl override, fixed modes, updated default acl 2002-06-03 09:54 spender * Makefile, gradm.l, gradm_parse.c: fixed disable 2002-05-31 16:16 spender * gradm_arg.c, gradm_parse.c: fixed user <-> kernel interaction 2002-05-31 15:40 spender * gradm.l, gradm_arg.c, gradm_defs.h, gradm_opt.c, gradm_parse.c: converted gr_arg to use an array of pointers for object and subject lists, made filename a pointer instead of an array, resulting in huge space savings 2002-05-31 09:56 spender * gradm.l, gradm_cap.c, gradm_opt.c: added capability inheritance, additional information on final acl display 2002-05-30 21:35 spender * acl, gradm.l, gradm.y, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_opt.c, gradm_parse.c: fixed inheritance and override functionality, removed silent argument, updated default acl, updated check_permission 2002-05-30 17:46 spender * gradm.l, gradm.y, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_opt.c, gradm_parse.c: added full support for override mode and acl inheritance, replaced GR_HIDDEN with GR_FIND, updated documentation, removed the f flag 2002-05-30 13:53 spender * Makefile, gradm.l, gradm_func.h, gradm_misc.c, gradm_opt.c, gradm_parse.c: added beginnings of reduce_acls, made add_* return on duplicate failure instead of exit (will be important later), introduced acl_is_needed, which removes unnecessary acls, fixed compiler warnings, updated documentation 2002-05-30 00:29 spender * gradm.y, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c: make parsing code more dynamic, added insert and remove capabilities for subject and object acls. added a function to return the parent dir of a path. added acl_tmps struct 2002-05-29 15:00 spender * gradm_parse.c: fix parent positions 2002-05-29 13:48 spender * gradm.h, gradm_parse.c: fix kdev_t 2002-05-29 13:06 spender * gradm_parse.c: fix auth and admin modes 2002-05-28 20:12 spender * gradm.8: updated manpage 2002-05-28 19:40 spender * gradm_defs.h: update defines 2002-05-28 19:27 spender * gradm_parse.c: fixed gr_exists 2002-05-28 12:42 spender * gradm_parse.c: fixed auth and admin modes 2002-05-28 12:15 spender * gradm_arg.c, gradm_parse.c: remove init mode, fixed admin modes 2002-05-28 11:11 spender * gradm.l, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_parse.c: removed GR_OVERRIDE, added GR_EXISTS 2002-05-24 18:02 spender * gradm.h, gradm_defs.h: user <-> kernel interaction fixed 2002-05-22 19:47 spender * gradm_parse.c: user <-> kernel interaction fixes 2002-05-22 14:52 spender * gradm_defs.h, gradm_pw.c: pw fixes 2002-05-20 12:47 spender * gradm.l: lex compile fix 2002-05-20 12:37 spender * gradm_arg.c: fix init mode 2002-05-01 19:20 spender * gradm_parse.c: gr_arg fix 2002-05-01 19:18 spender * gradm.l: lex fixes 2002-05-01 18:55 spender * gradm.y: yacc fix 2002-05-01 18:38 spender * gradm.l, gradm.y, gradm_defs.h, gradm_parse.c: comment, include, yacc fixes 2002-05-01 15:18 spender * Makefile, gradm.y, gradm_func.h: yacc fixes, added comments 2002-04-30 23:26 spender * gradm.h, gradm.l, gradm_arg.c, gradm_defs.h, gradm_func.h, gradm_parse.c, gradm_pw.c: kernel <-> userspace interaction 2002-04-28 20:15 spender * gradm_parse.c: actually add inheritance to process subject 2002-04-28 20:12 spender * gradm.l, gradm.y, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c: capability inheritance 2002-04-27 20:51 spender * gradm_parse.c: path env checking 2002-04-27 16:26 spender * gradm.h, gradm.l, gradm_defs.h, gradm_func.h, gradm_parse.c: on our way to kernel interaction.. 2002-04-26 22:29 spender * Makefile, acl, gradm.8, gradm_arg.c, gradm_cap.c, gradm_defs.h: removed -c, -C, added make install, added default acl, added manpage 2002-04-26 10:25 spender * gradm_parse.c: added /boot, /etc/grsec, /lib, /etc/rc.d checks, fixed typo function 2002-04-25 23:29 spender * gradm.h, gradm.l, gradm_parse.c: /etc/grsec checking 2002-04-25 13:40 spender * gradm.l, gradm_arg.c, gradm_func.h, gradm_parse.c: add initial analysis, mode fix 2002-04-25 13:11 spender * gradm_arg.c, gradm_cap.c, gradm_defs.h: fixed admin file modes, added global capability listing, added dynamic gradm_path 2002-04-24 22:52 spender * gradm_misc.c: free fix 2002-04-24 19:56 spender * gradm.y: added frees in yacc parsing 2002-04-24 19:44 spender * gradm_defs.h: cosmetic change 2002-04-24 19:42 spender * gradm.l, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c: documentation updates 2002-04-24 14:45 spender * gradm.h, gradm_parse.c: full directory and relative path recursion 2002-04-24 10:45 spender * gradm.l, gradm.y, gradm_arg.c, gradm_func.h: added library and binary auto-acls 2002-04-23 19:55 spender * gradm.l, gradm_defs.h, gradm_parse.c: added ->prev 2002-04-23 19:44 spender * Makefile, gradm.y, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_parse.c: add auth and admin acls 2002-04-23 14:07 spender * gradm.l, gradm_defs.h, gradm_parse.c: include fixes 2002-04-22 23:38 spender * gradm.y: include updates 2002-04-22 23:17 spender * gradm_parse.c: include fix 2002-04-22 23:06 spender * gradm.h, gradm.l, gradm.y, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c, gradm_pw.c: const chars, added include directive, added current_acl_file 2002-04-17 20:50 spender * Makefile, gradm.h, gradm.l, gradm.y, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c, gradm_pw.c: Initial revision 2002-04-17 20:50 spender * Makefile, gradm.h, gradm.l, gradm.y, gradm_arg.c, gradm_cap.c, gradm_defs.h, gradm_func.h, gradm_misc.c, gradm_parse.c, gradm_pw.c: initial import to CVS