From: Richard Haines > Sent: 14 December 2016 13:40 > Add SELinux support for the SCTP protocol. The SELinux-sctp.txt document > describes how the patch has been implemented with an example policy and > tests using lkstcp-tools. ... > +SCTP_SOCKOPT_BINDX_ADD - Allows additional bind addresses to be > + associated after (optionally) calling bind(2) > + if given the "bind_add" permission. Does restricting bindx make any sense at all? The only addresses than can be specified are those of local interfaces. If bindx isn't called then the default is to include the addresses of all local interfaces. So bindx only actually removes local addresses, it doesn't add them. David _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
