From: "Makan Pourzandi (LMC)" <Makan.Pourzandiat_private> Date: Fri, 7 Feb 2003 11:58:49 -0500 Actually, we know that based on FIPS documents (http://csrc.nist.gov/publications/fips/fips188/fips188.ps) we can use ip options for security purposes. I believe for my part that this hook can be useful if used to decode ip options and decide to drop or not the ip packets. I don't believe that this level of control can be achieved using other hooks at socket layer. James added a hook for SKB reception, you can do whatever you want in analzying incoming packet contents using that generic hook. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Feb 08 2003 - 00:39:44 PST