On Sat, 11 Aug 2001, James Morris wrote: > The "correct" way of doing this is to use the skb security blob to store > network layer information (e.g. IP header fields) at some hook in the > network layer, then retrieve it at the transport or application layer as > needed. > > This then facilitates policies such as: > > "allow user fred receive tcp,udp from 10.1.2.3" SELinux performs a permission check based on the type of the socket (which is derived from the domain of the creating process), the type of the packet (which by default is derived from the receiving network interface), and the kind of socket. So we aren't concerned with the source IP address at this point, except to include as additional information in audit messages upon access failures. Without IPSEC support to authenticate the source, there isn't much point in using the source IP address as part of the decision. When we integrate SELinux with IPSEC support, we can use the skbuff security object to save information in the network layer hooks, as you mentioned, and use it later in the sock_rcv_skb hook. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 11:07:41 PDT