[redhat-lspp] Re: [RFC] [MLSXFRM 02/04] Add enforcement to SE Linux LSM
Venkat Yekkirala
vyekkirala at TrustedCS.com
Wed Jun 21 14:22:25 UTC 2006

> We have flows, sa's, and in some cases, senders and receivers. On
> input, we check the socket's access to receive the sa's type in
> rcv_skb, and on output we check the flow's (indirectly socket's, if
> present) access to send to the sa's type in flow_state_match.
>
> The problem is that the types of the flow and policy are required to
> match in lookup, but that is not a requirement for
> types.

Did you mean to say sockets (instead of types) at the end above or did I
miss something?

> A socket
> of type x can use a policy of type y which can be captured on
> input,

Actually this would be output (albeit indirectly via the flow).

> but not on
> output in this patch.

You probably meant "input" here?

>
> I'll think about possible resolutions, but here are some further
> questions.
>
> (1) must a flow type match that of the sa it uses (seems so)?

Yes. The flow type must have sendto access to the SA.

> (2) can we do lookup differently for input (where we are told
> what it
> should be) versus output (where it is based on what could be
> authorized)?

I am not getting this question. Please let me know on the side
when would be a good time to call you. Thanks.