[redhat-lspp] [PATCH] lsm-secpeer for IPSec labels
Casey Schaufler
rancidfat at yahoo.com
Thu Sep 15 23:12:14 UTC 2005
--- Paul Moore <paul.moore at hp.com> wrote:
> George Wilson wrote:
> >
> > The patch enables the SELinux LSM to set the peer security context for
> > a socket based on the security context of the IPSec security
> > association. The application may retrieve this context using
> > getsockopt. When called, the kernel determines if the socket is a
> > connected (TCP_ESTABLISHED) TCP socket and, if so, uses the dst_entry
> > cache on the socket to retrieve the security associations. If a
> > security association has a security context, the context string is
> > returned, as for UNIX domain sockets.
> >
>
> Is there any reason why we are limiting ourselves to connected TCP
> sockets? I understand that due to the nature of the sockets and the
> fact that we are only implicitly labeling them via the SA it would be
> much more difficult, but what about UDP based applications?
Unix MLS systems support UDP with individually labeled datagrams, but the CIPSO and TSIX protocols were designed with that in mind. IPSEC has a different design target, with labeling a minor component. Labeled UDP is very useful and should not be passed by lightly.
Casey Schaufler
casey at schaufler-ca.com
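The quoted patch description says an application retrieves the peer's security context with getsockopt. The following is an added example, not code from this thread or from the patch under discussion: it queries SO_PEERSEC on a socket and classifies the outcomes an application has to handle (a returned context, no LSM providing one, an unconnected socket, a too-small buffer). It is Linux-only; the fallback value 31 for SO_PEERSEC is the asm-generic constant and is assumed only if the headers lack it, and an AF_UNIX socketpair stands in for the connected TCP socket the patch handles, since the description says the UNIX domain socket case returns the same kind of string.

```c
/* Added example (not part of the original thread): read the peer
 * security label of a connected socket with getsockopt(SO_PEERSEC)
 * and classify the result. Linux only. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>

#ifndef SO_PEERSEC
#define SO_PEERSEC 31   /* asm-generic value on Linux; assumed if headers lack it */
#endif

enum peersec_result {
    PEERSEC_LABELED,        /* a context string was returned in buf */
    PEERSEC_NO_LSM,         /* ENOPROTOOPT: no LSM supplies a peer label here */
    PEERSEC_NOT_CONNECTED,  /* ENOTCONN: not a connected stream socket */
    PEERSEC_TOO_SMALL,      /* ERANGE: caller's buffer cannot hold the context */
    PEERSEC_OTHER_ERROR
};

/* Pure classifier, kept separate so it can be checked without a socket. */
enum peersec_result classify_peersec(int rc, int err)
{
    if (rc == 0)
        return PEERSEC_LABELED;
    switch (err) {
    case ENOPROTOOPT: return PEERSEC_NO_LSM;
    case ENOTCONN:    return PEERSEC_NOT_CONNECTED;
    case ERANGE:      return PEERSEC_TOO_SMALL;
    default:          return PEERSEC_OTHER_ERROR;
    }
}

/* Ask the kernel for the peer's security context. On success buf holds a
 * NUL-terminated string; the kernel may or may not include the terminator,
 * so one is always written here. */
enum peersec_result get_peer_label(int fd, char *buf, size_t buflen)
{
    socklen_t len = (socklen_t)(buflen - 1);   /* leave room for the NUL */
    int rc = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &len);
    int err = errno;
    if (rc == 0) {
        if (len >= buflen)
            len = (socklen_t)(buflen - 1);
        buf[len] = '\0';
    }
    return classify_peersec(rc, err);
}

/* Demonstration on a constructed AF_UNIX socketpair: both ends are
 * connected stream sockets, so the query is well-formed on any LSM. */
enum peersec_result peersec_on_socketpair(char *buf, size_t buflen)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return PEERSEC_OTHER_ERROR;
    enum peersec_result r = get_peer_label(sv[0], buf, buflen);
    close(sv[0]);
    close(sv[1]);
    return r;
}

int main(void)
{
    char label[256];
    switch (peersec_on_socketpair(label, sizeof label)) {
    case PEERSEC_LABELED:       printf("peer context: %s\n", label); break;
    case PEERSEC_NO_LSM:        puts("no LSM provides a peer label on this kernel"); break;
    case PEERSEC_NOT_CONNECTED: puts("socket is not connected"); break;
    case PEERSEC_TOO_SMALL:     puts("buffer too small for the context string"); break;
    default:                    printf("getsockopt failed: %s\n", strerror(errno));
    }
    return 0;
}
```

The classifier matters because ENOPROTOOPT is the documented answer when no security module implements the hook, so an application that treats every failure as "unlabeled peer" cannot tell a plain kernel from a genuinely unlabeled connection; the distinction is what a policy decision based on the peer label has to rest on.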