)]}'
{
  "log": [
    {
      "commit": "5975c725dfd6f7d36f493ab1453fbdbd35c1f0e3",
      "tree": "1beb7ac54f2b1b7917faee08bba39b5eba2b4cfa",
      "parents": [
        "ff76ec18cabb12a6c8f3c65bd1d23f1a770fe908"
      ],
      "author": {
        "name": "Serge E. Hallyn",
        "email": "serue@us.ibm.com",
        "time": "Thu Oct 29 11:40:17 2009 -0500"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Oct 30 08:27:25 2009 +1100"
      },
      "message": "define convenient securebits masks for prctl users (v2)\n\nHi James, would you mind taking the following into\nsecurity-testing?\n\nThe securebits are used by passing them to prctl with the\nPR_{S,G}ET_SECUREBITS commands.  But the defines must be\nshifted to be used in prctl, which begs to be confused and\nmisused by userspace.  So define some more convenient\nvalues for userspace to specify.  This way userspace does\n\n\tprctl(PR_SET_SECUREBITS, SECBIT_NOROOT);\n\ninstead of\n\n\tprctl(PR_SET_SECUREBITS, 1 \u003c\u003c SECURE_NOROOT);\n\n(Thanks to Michael for the idea)\n\nThis patch also adds include/linux/securebits to the installed headers.\nThen perhaps it can be included by glibc\u0027s sys/prctl.h.\n\nChangelog:\n\tOct 29: Stephen Rothwell points out that issecure can\n\t\tbe under __KERNEL__.\n\tOct 14: (Suggestions by Michael Kerrisk):\n\t\t1. spell out SETUID in SECBIT_NO_SETUID*\n\t\t2. SECBIT_X_LOCKED does not imply SECBIT_X\n\t\t3. add definitions for keepcaps\n        Oct 14: As suggested by Michael Kerrisk, don\u0027t\n\t\tuse SB_* as that convention is already in\n\t\tuse.  Use SECBIT_ prefix instead.\n\nSigned-off-by: Serge E. Hallyn \u003cserue@us.ibm.com\u003e\nAcked-by: Andrew G. Morgan \u003cmorgan@kernel.org\u003e\nAcked-by: Michael Kerrisk \u003cmtk.manpages@gmail.com\u003e\nCc: Ulrich Drepper \u003cdrepper@redhat.com\u003e\nCc: James Morris \u003cjmorris@namei.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "86a264abe542cfececb4df129bc45a0338d8cdb9",
      "tree": "30152f04ba847f311028d5ca697f864c16c7ebb3",
      "parents": [
        "f1752eec6145c97163dbce62d17cf5d928e28a27"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Fri Nov 14 10:39:18 2008 +1100"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Nov 14 10:39:18 2008 +1100"
      },
      "message": "CRED: Wrap current-\u003ecred and a few other accessors\n\nWrap current-\u003ecred and a few other accessors to hide their actual\nimplementation.\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "b6dff3ec5e116e3af6f537d4caedcad6b9e5082a",
      "tree": "9e76f972eb7ce9b84e0146c8e4126a3f86acb428",
      "parents": [
        "15a2460ed0af7538ca8e6c610fe607a2cd9da142"
      ],
      "author": {
        "name": "David Howells",
        "email": "dhowells@redhat.com",
        "time": "Fri Nov 14 10:39:16 2008 +1100"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Nov 14 10:39:16 2008 +1100"
      },
      "message": "CRED: Separate task security context from task_struct\n\nSeparate the task security context from task_struct.  At this point, the\nsecurity data is temporarily embedded in the task_struct with two pointers\npointing to it.\n\nNote that the Alpha arch is altered as it refers to (E)UID and (E)GID in\nentry.S via asm-offsets.\n\nWith comment fixes Signed-off-by: Marc Dionne \u003cmarc.c.dionne@gmail.com\u003e\n\nSigned-off-by: David Howells \u003cdhowells@redhat.com\u003e\nAcked-by: James Morris \u003cjmorris@namei.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "086f7316f0d400806d76323beefae996bb3849b1",
      "tree": "679405a89b7f8c7a75d3896e43c837b5a5115d7b",
      "parents": [
        "abbaeff38c00cb7f6817ec1cef406b27081ebedd"
      ],
      "author": {
        "name": "Andrew G. Morgan",
        "email": "morgan@kernel.org",
        "time": "Fri Jul 04 09:59:58 2008 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Jul 04 10:40:08 2008 -0700"
      },
      "message": "security: filesystem capabilities: fix fragile setuid fixup code\n\nThis commit includes a bugfix for the fragile setuid fixup code in the\ncase that filesystem capabilities are supported (in access()).  The effect\nof this fix is gated on filesystem capability support because changing\nsecurebits is only supported when filesystem capabilities support is\nconfigured.)\n\n[akpm@linux-foundation.org: coding-style fixes]\nSigned-off-by: Andrew G. Morgan \u003cmorgan@kernel.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "3898b1b4ebff8dcfbcf1807e0661585e06c9a91c",
      "tree": "69a338864dfe654f68064a599c5d0da460df34ac",
      "parents": [
        "4016a1390d07f15b267eecb20e76a48fd5c524ef"
      ],
      "author": {
        "name": "Andrew G. Morgan",
        "email": "morgan@kernel.org",
        "time": "Mon Apr 28 02:13:40 2008 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Mon Apr 28 08:58:26 2008 -0700"
      },
      "message": "capabilities: implement per-process securebits\n\nFilesystem capability support makes it possible to do away with (set)uid-0\nbased privilege and use capabilities instead.  That is, with filesystem\nsupport for capabilities but without this present patch, it is (conceptually)\npossible to manage a system with capabilities alone and never need to obtain\nprivilege via (set)uid-0.\n\nOf course, conceptually isn\u0027t quite the same as currently possible since few\nuser applications, certainly not enough to run a viable system, are currently\nprepared to leverage capabilities to exercise privilege.  Further, many\napplications exist that may never get upgraded in this way, and the kernel\nwill continue to want to support their setuid-0 base privilege needs.\n\nWhere pure-capability applications evolve and replace setuid-0 binaries, it is\ndesirable that there be a mechanisms by which they can contain their\nprivilege.  In addition to leveraging the per-process bounding and inheritable\nsets, this should include suppressing the privilege of the uid-0 superuser\nfrom the process\u0027 tree of children.\n\nThe feature added by this patch can be leveraged to suppress the privilege\nassociated with (set)uid-0.  This suppression requires CAP_SETPCAP to\ninitiate, and only immediately affects the \u0027current\u0027 process (it is inherited\nthrough fork()/exec()).  This reimplementation differs significantly from the\nhistorical support for securebits which was system-wide, unwieldy and which\nhas ultimately withered to a dead relic in the source of the modern kernel.\n\nWith this patch applied a process, that is capable(CAP_SETPCAP), can now drop\nall legacy privilege (through uid\u003d0) for itself and all subsequently\nfork()\u0027d/exec()\u0027d children with:\n\n  prctl(PR_SET_SECUREBITS, 0x2f);\n\nThis patch represents a no-op unless CONFIG_SECURITY_FILE_CAPABILITIES is\nenabled at configure time.\n\n[akpm@linux-foundation.org: fix uninitialised var warning]\n[serue@us.ibm.com: capabilities: use cap_task_prctl when !CONFIG_SECURITY]\nSigned-off-by: Andrew G. Morgan \u003cmorgan@kernel.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: Paul Moore \u003cpaul.moore@hp.com\u003e\nSigned-off-by: Serge E. Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
      "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d",
      "parents": [],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n"
    }
  ]
}