)]}'
{
  "log": [
    {
      "commit": "2cc8a71641b4460783ea3bd7a3476043fdf85397",
      "tree": "fe8a39bbedc403306c3a0c2f773a4499d6ae99ec",
      "parents": [
        "77b513dda90fd99bd1225410b25e745b74779c1c"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "keescook@chromium.org",
        "time": "Mon May 14 10:19:28 2012 -0700"
      },
      "committer": {
        "name": "James Morris",
        "email": "james.l.morris@oracle.com",
        "time": "Tue May 15 10:27:57 2012 +1000"
      },
      "message": "Yama: replace capable() with ns_capable()\n\nWhen checking capabilities, the question we want to be asking is \"does\ncurrent() have the capability in the child\u0027s namespace?\"\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n"
    },
    {
      "commit": "08162e6a23d476544adfe1164afe9ea8b34ab859",
      "tree": "ace0b15f2f0aa6106d42191c8edaecc91f0322cc",
      "parents": [
        "561381a146a31ff91d7a2370c10871b02ac7343c"
      ],
      "author": {
        "name": "Dan Carpenter",
        "email": "dan.carpenter@oracle.com",
        "time": "Fri Apr 20 16:35:24 2012 +0300"
      },
      "committer": {
        "name": "James Morris",
        "email": "james.l.morris@oracle.com",
        "time": "Mon Apr 23 17:20:22 2012 +1000"
      },
      "message": "Yama: remove an unused variable\n\nGCC complains that we don\u0027t use \"one\" any more after 389da25f93 \"Yama:\nadd additional ptrace scopes\".\n\nsecurity/yama/yama_lsm.c:322:12: warning: ?one? defined but not used\n\t[-Wunused-variable]\n\nSigned-off-by: Dan Carpenter \u003cdan.carpenter@oracle.com\u003e\nAcked-by: Kees Cook \u003ckeescook@chromium.org\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n"
    },
    {
      "commit": "389da25f93eea8ff64181ae7e3e87da68acaef2e",
      "tree": "09277860746b3372cbb49ea82868709cbae99ec3",
      "parents": [
        "8156b451f37898d3c3652b4e988a4d62ae16eaac"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "keescook@chromium.org",
        "time": "Mon Apr 16 11:56:45 2012 -0700"
      },
      "committer": {
        "name": "James Morris",
        "email": "james.l.morris@oracle.com",
        "time": "Thu Apr 19 13:39:56 2012 +1000"
      },
      "message": "Yama: add additional ptrace scopes\n\nThis expands the available Yama ptrace restrictions to include two more\nmodes. Mode 2 requires CAP_SYS_PTRACE for PTRACE_ATTACH, and mode 3\ncompletely disables PTRACE_ATTACH (and locks the sysctl).\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nSigned-off-by: James Morris \u003cjames.l.morris@oracle.com\u003e\n"
    },
    {
      "commit": "bf06189e4d14641c0148bea16e9dd24943862215",
      "tree": "5c62eb24339041baf65b8e42daac42c7a01efc0e",
      "parents": [
        "3ab1aff89477dafb1aaeafe8c8669114a02b7226"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "keescook@chromium.org",
        "time": "Tue Feb 14 16:48:09 2012 -0800"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Thu Feb 16 10:25:18 2012 +1100"
      },
      "message": "Yama: add PR_SET_PTRACER_ANY\n\nFor a process to entirely disable Yama ptrace restrictions, it can use\nthe special PR_SET_PTRACER_ANY pid to indicate that any otherwise allowed\nprocess may ptrace it. This is stronger than calling PR_SET_PTRACER with\npid \"1\" because it includes processes in external pid namespaces. This is\ncurrently needed by the Chrome renderer, since its crash handler (Breakpad)\nruns external to the renderer\u0027s pid namespace.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    },
    {
      "commit": "2d514487faf188938a4ee4fb3464eeecfbdcf8eb",
      "tree": "42147f0459ab062375f63891943242e3b95797bb",
      "parents": [
        "1a2a4d06e1e95260c470ebe3a945f61bbe8c1fd8"
      ],
      "author": {
        "name": "Kees Cook",
        "email": "keescook@chromium.org",
        "time": "Wed Dec 21 12:17:04 2011 -0800"
      },
      "committer": {
        "name": "James Morris",
        "email": "jmorris@namei.org",
        "time": "Fri Feb 10 09:18:52 2012 +1100"
      },
      "message": "security: Yama LSM\n\nThis adds the Yama Linux Security Module to collect DAC security\nimprovements (specifically just ptrace restrictions for now) that have\nexisted in various forms over the years and have been carried outside the\nmainline kernel by other Linux distributions like Openwall and grsecurity.\n\nSigned-off-by: Kees Cook \u003ckeescook@chromium.org\u003e\nAcked-by: John Johansen \u003cjohn.johansen@canonical.com\u003e\nSigned-off-by: James Morris \u003cjmorris@namei.org\u003e\n"
    }
  ]
}