Stephen Smalley wrote:
On Wed, 2008-05-21 at 12:46 -0400, Paul Moore wrote:
I agree with James that we need to perform some access check before
setting the ct->secmark field, however, I don't think it is as simple
as calling selinux_secmark_relabel_packet_permission(). The problem is
that the selinux_secmark_relabel_packet_permission() function checks to
see if the currently running task can relabel packets; in this case we
don't want to check the currently running task we want to check the
sender of the netlink message which we can't really do currently.
Sending task SID is saved in NETLINK_CB(skb).sid at send time, so the
information is available (but would need to be passed into the
function).
This part can actually be removed from af_netlink, see the message
I just sent to Paul for reference.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
