| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | agent: Keep CAP_DAC_OVERRIDE to connect to ssh-agent socket | Tobias Brunner | 2014-01-23 | 1 | -0/+3 |
| | | | | | This is also required if charon-cmd is used with capability dropping. | ||||
| * | capabilities: Add function to check if a capability is held, without keeping it | Tobias Brunner | 2013-07-18 | 1 | -0/+12 |
| | | | | | | This can be useful if capabilities are not required anymore after dropping privileges. | ||||
| * | capabilities: Handle CAP_CHOWN specially as it might not be required | Tobias Brunner | 2013-06-25 | 1 | -0/+3 |
| | | |||||
| * | dhcp: Require CAP_NET_BIND_SERVICE and CAP_NET_RAW to open/bind sockets | Tobias Brunner | 2013-06-25 | 1 | -0/+3 |
| | | |||||
| * | socket-default: Require CAP_NET_BIND_SERVICE for ports < 1024 | Tobias Brunner | 2013-06-25 | 1 | -1/+4 |
| | | | | | | Since we don't know which ports are used with socket-dynamic we can't demand the capability there, but it might still be required. | ||||
| * | capabilities: Only plugins that require CAP_NET_ADMIN demand it | Tobias Brunner | 2013-06-25 | 1 | -0/+4 |
| | | | | | The daemon as such does not require this capability. | ||||
| * | capabilities: Move global capabilities_t instance to libstrongswan | Tobias Brunner | 2013-06-25 | 1 | -2/+2 |
| | | |||||
| * | capabilities: Ensure required capabilities are actually held by the process/user | Tobias Brunner | 2013-06-25 | 1 | -2/+7 |
| | | |||||
| * | Proper fallback if capability dropping is not available | Tobias Brunner | 2012-07-27 | 1 | -1/+1 |
| | | |||||
| * | Refactored heavily #ifdefd capability code to its own libstrongswan class | Martin Willi | 2012-07-04 | 1 | -0/+107 |
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |