Hello Günther! On Wed, Feb 26, 2025 at 08:52:03PM +0000, Günther Noack wrote: > > > > + not stem from the same or a nested Landlock domain. > > > > This could be read such that send(2) is replaced by connect(2) on a > > non-connected datagram socket. But you want to say that a connect(2) > > is implicitly executed before the actual send(2) (which is still > > executed, if connect(2) succeeds). > > Thanks, that can indeed be misunderstood. > > > How about this wording? > > > > If send(2) is used on a non-connected datagram socket, an > > implicit connect(2) is executed first, and will be blocked when > > the remote end does not .... > > I think this would be misleading as well, because the send(2) on the > non-connected datagram socket does *not* actually perform an implicit > connect(2). (If it were doing that, the socket would be connected afterwards, > but it isn't.) But we *do* initiate a communication with a previously unknown > remote address, just like connect(2), so we enforce the same Landlock policy as > for connect(2). Agreed. > (Remark, connected datagram sockets sound absurd, because there is no connection > at the network layer. On datagram sockets, connect(2) only fixes the destination > address so that it can be omitted in subsequent send(2) calls.). > > Rewording it to: > > A sendto(2) on a non-connected datagram socket is treated as if > it were doing an implicit connect(2) and will be blocked if the > remote end does not stem from the same or a nested Landlock domain. Sounds good. > (P.S. I also replaced send(2) with sendto(2), which is a bit more appropriate in > the middle paragraph - you can not actually pass the destination address with > send(2), that only works with sendto(2). I replaced it in the third paragraph > as well for consistency. It still makes sense IMHO considering that send(2) is a > special case of sendto(2).) Yep, that sounds great. Thanks! Cheers, Alex -- <https://www.alejandro-colomar.es/>
Attachment:
signature.asc
Description: PGP signature
