On Wed, 2008-05-21 at 19:13 +0200, Patrick McHardy wrote:
> Stephen Smalley wrote:
> > On Wed, 2008-05-21 at 12:46 -0400, Paul Moore wrote:
> >>
> >> I agree with James that we need to perform some access check before
> >> setting the ct->secmark field; however, I don't think it is as simple
> >> as calling selinux_secmark_relabel_packet_permission(). The problem is
> >> that the selinux_secmark_relabel_packet_permission() function checks to
> >> see if the currently running task can relabel packets; in this case we
> >> don't want to check the currently running task, we want to check the
> >> sender of the netlink message, which we can't really do currently.
> >
> > Sending task SID is saved in NETLINK_CB(skb).sid at send time, so the
> > information is available (but would need to be passed into the
> > function).
>
> This part can actually be removed from af_netlink, see the message
> I just sent to Paul for reference.

So eff_cap, loginuid, sessionid, and sid no longer need to be saved in
netlink_skb_parms? Current users include security modules and audit.

--
Stephen Smalley
National Security Agency