)]}'
{
  "log": [
    {
      "commit": "086f7316f0d400806d76323beefae996bb3849b1",
      "tree": "679405a89b7f8c7a75d3896e43c837b5a5115d7b",
      "parents": [
        "abbaeff38c00cb7f6817ec1cef406b27081ebedd"
      ],
      "author": {
        "name": "Andrew G. Morgan",
        "email": "morgan@kernel.org",
        "time": "Fri Jul 04 09:59:58 2008 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Fri Jul 04 10:40:08 2008 -0700"
      },
      "message": "security: filesystem capabilities: fix fragile setuid fixup code\n\nThis commit includes a bugfix for the fragile setuid fixup code in the\ncase that filesystem capabilities are supported (in access()).  The effect\nof this fix is gated on filesystem capability support because changing\nsecurebits is only supported when filesystem capabilities support is\nconfigured.)\n\n[akpm@linux-foundation.org: coding-style fixes]\nSigned-off-by: Andrew G. Morgan \u003cmorgan@kernel.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nAcked-by: David Howells \u003cdhowells@redhat.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "3898b1b4ebff8dcfbcf1807e0661585e06c9a91c",
      "tree": "69a338864dfe654f68064a599c5d0da460df34ac",
      "parents": [
        "4016a1390d07f15b267eecb20e76a48fd5c524ef"
      ],
      "author": {
        "name": "Andrew G. Morgan",
        "email": "morgan@kernel.org",
        "time": "Mon Apr 28 02:13:40 2008 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@linux-foundation.org",
        "time": "Mon Apr 28 08:58:26 2008 -0700"
      },
      "message": "capabilities: implement per-process securebits\n\nFilesystem capability support makes it possible to do away with (set)uid-0\nbased privilege and use capabilities instead.  That is, with filesystem\nsupport for capabilities but without this present patch, it is (conceptually)\npossible to manage a system with capabilities alone and never need to obtain\nprivilege via (set)uid-0.\n\nOf course, conceptually isn\u0027t quite the same as currently possible since few\nuser applications, certainly not enough to run a viable system, are currently\nprepared to leverage capabilities to exercise privilege.  Further, many\napplications exist that may never get upgraded in this way, and the kernel\nwill continue to want to support their setuid-0 base privilege needs.\n\nWhere pure-capability applications evolve and replace setuid-0 binaries, it is\ndesirable that there be a mechanisms by which they can contain their\nprivilege.  In addition to leveraging the per-process bounding and inheritable\nsets, this should include suppressing the privilege of the uid-0 superuser\nfrom the process\u0027 tree of children.\n\nThe feature added by this patch can be leveraged to suppress the privilege\nassociated with (set)uid-0.  This suppression requires CAP_SETPCAP to\ninitiate, and only immediately affects the \u0027current\u0027 process (it is inherited\nthrough fork()/exec()).  This reimplementation differs significantly from the\nhistorical support for securebits which was system-wide, unwieldy and which\nhas ultimately withered to a dead relic in the source of the modern kernel.\n\nWith this patch applied a process, that is capable(CAP_SETPCAP), can now drop\nall legacy privilege (through uid\u003d0) for itself and all subsequently\nfork()\u0027d/exec()\u0027d children with:\n\n  prctl(PR_SET_SECUREBITS, 0x2f);\n\nThis patch represents a no-op unless CONFIG_SECURITY_FILE_CAPABILITIES is\nenabled at configure time.\n\n[akpm@linux-foundation.org: fix uninitialised var warning]\n[serue@us.ibm.com: capabilities: use cap_task_prctl when !CONFIG_SECURITY]\nSigned-off-by: Andrew G. Morgan \u003cmorgan@kernel.org\u003e\nAcked-by: Serge Hallyn \u003cserue@us.ibm.com\u003e\nReviewed-by: James Morris \u003cjmorris@namei.org\u003e\nCc: Stephen Smalley \u003csds@tycho.nsa.gov\u003e\nCc: Paul Moore \u003cpaul.moore@hp.com\u003e\nSigned-off-by: Serge E. Hallyn \u003cserue@us.ibm.com\u003e\nSigned-off-by: Andrew Morton \u003cakpm@linux-foundation.org\u003e\nSigned-off-by: Linus Torvalds \u003ctorvalds@linux-foundation.org\u003e\n"
    },
    {
      "commit": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
      "tree": "0bba044c4ce775e45a88a51686b5d9f90697ea9d",
      "parents": [],
      "author": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "committer": {
        "name": "Linus Torvalds",
        "email": "torvalds@ppc970.osdl.org",
        "time": "Sat Apr 16 15:20:36 2005 -0700"
      },
      "message": "Linux-2.6.12-rc2\n\nInitial git repository build. I\u0027m not bothering with the full history,\neven though we have it. We can create a separate \"historical\" git\narchive of that later if we want to, and in the meantime it\u0027s about\n3.2GB when imported into git - space that would just make the early\ngit days unnecessarily complicated, when we don\u0027t have a lot of good\ninfrastructure for it.\n\nLet it rip!\n"
    }
  ]
}