On Tue, 2017-06-20 at 15:49 -0400, Paul Moore wrote:
> On Mon, Jun 19, 2017 at 5:33 PM, Luis Ressel <aranea@xxxxxxxx> wrote:
> > For PF_UNIX, SOCK_RAW is synonymous with SOCK_DGRAM (cf.
> > net/unix/af_unix.c). This is a tad obscure, but libpcap uses it.
> >
> > Signed-off-by: Luis Ressel <aranea@xxxxxxxx>
> > Acked-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
> > ---
> >  security/selinux/hooks.c | 1 +
> >  1 file changed, 1 insertion(+)
>
> My only concern is what effect this will have on existing policy.
> Prior to this patch PF_UNIX/SOCK_RAW will result in the generic
> "socket" class where after this patch it will result in the
> "unix_dgram_socket". I believe this is the right change, but it seems
> like this should be wrapped by a policy capability, yes?

I doubt it is worth a policy capability. Permission to create/use socket
tends to be far rarer than permission to create/use unix_dgram_socket;
looks like we never allow the former without the latter in Fedora, for
example.

> > diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> > index 819fd6858b49..1a331fba4a3c 100644
> > --- a/security/selinux/hooks.c
> > +++ b/security/selinux/hooks.c
> > @@ -1275,6 +1275,7 @@ static inline u16
> > socket_type_to_security_class(int family, int type, int protoc
> >  	case SOCK_SEQPACKET:
> >  		return SECCLASS_UNIX_STREAM_SOCKET;
> >  	case SOCK_DGRAM:
> > +	case SOCK_RAW:
> >  		return SECCLASS_UNIX_DGRAM_SOCKET;
> >  	}
> >  	break;
> > --
> > 2.13.1
> >
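Review bot: the one-line change in the PF_UNIX case is correct for the reason the commit message gives, but the policy-visible effect Paul raises (PF_UNIX/SOCK_RAW moving from the generic "socket" class to "unix_dgram_socket") is not recorded anywhere in the patch itself. Add a sentence to the commit message stating that domains which create PF_UNIX/SOCK_RAW sockets (the libpcap case named here) now need unix_dgram_socket permissions instead of socket permissions, so that anyone debugging a new unix_dgram_socket denial after upgrading can trace it to this commit. It would also help to quote the specific case in net/unix/af_unix.c that folds SOCK_RAW into SOCK_DGRAM rather than only citing the file, since that is the whole justification for the new `case SOCK_RAW:` label.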
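An added check, not part of this thread, for the claim the commit message makes: a C program that creates PF_UNIX sockets and asks the kernel (via SO_TYPE) what type each one actually has once af_unix.c has handled the request, which is why a SOCK_RAW request belongs in the unix_dgram_socket class. It assumes Linux; the function name unix_effective_type is my own.

```c
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/*
 * Create a PF_UNIX socket of the requested type and return the type the
 * kernel reports for it through SO_TYPE, or -1 on failure.
 *
 * On Linux, net/unix/af_unix.c treats a SOCK_RAW request as SOCK_DGRAM,
 * so SO_TYPE comes back as SOCK_DGRAM. The SELinux socket_create hook,
 * however, classifies on the type passed to socket(2), before the
 * address family code has run: without the patch it sees SOCK_RAW, falls
 * out of the switch and lands in the generic "socket" class.
 */
int unix_effective_type(int requested_type)
{
    int fd = socket(PF_UNIX, requested_type, 0);
    if (fd < 0)
        return -1;

    int actual = -1;
    socklen_t len = sizeof(actual);
    if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &actual, &len) < 0)
        actual = -1;

    close(fd);
    return actual;
}

int main(void)
{
    /* Constructed sample: the PF_UNIX types the patched switch handles. */
    int types[] = { SOCK_STREAM, SOCK_SEQPACKET, SOCK_DGRAM, SOCK_RAW };
    const char *names[] = { "SOCK_STREAM", "SOCK_SEQPACKET",
                            "SOCK_DGRAM", "SOCK_RAW" };

    for (int i = 0; i < 4; i++) {
        int actual = unix_effective_type(types[i]);
        const char *desc = actual == SOCK_STREAM    ? "SOCK_STREAM" :
                           actual == SOCK_SEQPACKET ? "SOCK_SEQPACKET" :
                           actual == SOCK_DGRAM     ? "SOCK_DGRAM" :
                                                      "other/error";
        printf("%-14s requested -> SO_TYPE %d (%s)\n", names[i], actual, desc);
    }
    return 0;
}
```

On a Linux host the SOCK_RAW row reports SOCK_DGRAM, matching the datagram class the patch assigns.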