lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Jan 2009 19:56:21 -0500 From: Michael Stone <michael@...top.org> To: Evgeniy Polyakov <zbr@...emap.net> Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [PATCH] Security: Implement and document RLIMIT_NETWORK. On Thu, Jan 08, 2009 at 12:59:36AM +0300, Evgeniy Polyakov wrote: >I meant that connected or accepted socket will not be able to send data >via send() call, but will be able to receive data using recv(). A key fact which may not have stood out, since I didn't comment on it explicitly in the code, is that the disqualification tests inserted by the __sock_sendmsg() and unix_dgram_sendmsg hunks contain additional conditions like __sock_sendmsg(): + && (msg->msg_name != NULL || msg->msg_namelen != 0)) unix_dgram_sendmsg(): + && !sunaddr->sun_path[0]) which return us to the usual codepaths whenever we're dealing with an already-connected socket. Since my tests pass, can you post an example of a failing send() call which you think should work? >Your patch adds a rlimit check into __sock_sendmsg() call, which is >invoked via usual send() path, but sendfile() and splice() are still >exectuted without this check and thus will be able to send data after >rlimit applied. As far as I can tell, sendfile() and splice(), which operate solely on fds, cannot be used to send messages via a disconnected socket. Therefore, I /believe/ that they require no modification. Am I terribly mistaken about this? Thanks, Michael -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists