On Thu, 2005-04-14 at 17:31 -0400, Stephen Smalley wrote:
> You can control network communication (loopback or otherwise) via the
> permission checks between the sending socket security context and the
> security contexts of the network interface, the destination host, and
> the destination port. These are the netif and node tcp_send permissions
> and the tcp_socket send_msg permission. Sockets are labeled in
> accordance with the creating process, so you just need to define a
> domain for eclipse.

BTW, these outbound network permission checks are described in
http://www.nsa.gov/selinux/papers/module/x2324.html

And going back to your original question, for INET communication, you
can't truly do process-to-process permission checks (or even
socket-to-peersocket permission checks) because we don't presently have
labeled networking support (i.e. labeled network buffers and packets).
There was experimental support for such labeled networking in the older
SELinux (courtesy of James Morris), but the necessary hooks and security
fields to support it were not accepted into Linux 2.6. Trent Jaeger of
IBM has more recently implemented implicit packet labeling via IPSEC
security associations for SELinux, but I don't think you need that for
what you describe; the existing permission checks based on network
interface, host, and port should be sufficient.

--
Stephen Smalley <sds@xxxxxxxxxxxxx>
National Security Agency

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
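The three outbound checks named in the message (netif and node tcp_send, tcp_socket send_msg on the port) can be made concrete as a small type-enforcement fragment. The following is an added example written for this page, not policy from the thread or from the Fedora policy of the time. It uses the older m4-macro policy style of that era and assumes the domain name eclipse_t, the entry-point type eclipse_exec_t, the loopback interface and node types netif_lo_t and node_lo_t, and the port type http_port_t for the local service being contacted; all of those are assumptions, as is user_t as the invoking domain.

```selinux
# Added example for this page, not from the mailing-list thread.
# Assumed identifiers: eclipse_t, eclipse_exec_t, netif_lo_t, node_lo_t,
# http_port_t and user_t (netif_lo_t / node_lo_t follow the naming of the
# older strict policy; check the loaded policy before reusing them).

# A dedicated domain for eclipse, entered automatically when user_t
# executes a file labeled eclipse_exec_t. Sockets are labeled with the
# creating process's context, so every socket eclipse opens is eclipse_t.
type eclipse_t, domain;
type eclipse_exec_t, file_type, exec_type;
domain_auto_trans(user_t, eclipse_exec_t, eclipse_t)

# The domain may create and use its own TCP sockets (create, bind,
# connect, read, write, ...); this is the socket-level check, not the
# network-level one.
allow eclipse_t self:tcp_socket create_socket_perms;

# Outbound check 1: sending socket context vs. network interface.
# Granted only for the loopback interface type.
allow eclipse_t netif_lo_t:netif tcp_send;

# Outbound check 2: sending socket context vs. destination host (node).
# Granted only for the loopback node type.
allow eclipse_t node_lo_t:node tcp_send;

# Outbound check 3: sending socket context vs. destination port type.
# Granted only for the port type the local service listens on.
allow eclipse_t http_port_t:tcp_socket send_msg;

# Inbound counterparts so replies on the same connection are accepted
# (tcp_recv on netif/node, recv_msg on the port type).
allow eclipse_t netif_lo_t:netif tcp_recv;
allow eclipse_t node_lo_t:node tcp_recv;
allow eclipse_t http_port_t:tcp_socket recv_msg;

# Deliberately absent: no tcp_send/tcp_recv on the generic netif_t or
# node_t types and no send_msg/recv_msg on the generic port_t type. A
# connection from eclipse_t to any non-loopback interface or host, or to
# any other port type, therefore fails the corresponding check and shows
# up as an AVC denial naming netif, node or tcp_socket as the class.
```

The value of splitting the rules this way is that a denial log tells you which of the three checks failed (interface, host or port), which is exactly what the message says is available without labeled networking: you get socket-to-netif, socket-to-node and socket-to-port decisions, never a socket-to-peer-socket one.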