| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87bpn3o87o.fsf@caffeine.danplanet.com> Date: Wed, 29 Jul 2009 07:49:15 -0700 From: Dan Smith <danms@...ibm.com> To: "Serge E. Hallyn" <serue@...ibm.com> Cc: Oren Laadan <orenl@...rato.com>, containers@...ts.osdl.org, netdev@...r.kernel.org, Alexey Dobriyan <adobriyan@...il.com> Subject: Re: [PATCH 5/5] c/r: Add AF_UNIX support (v6) SH> At the moment you miss out on the security_socket_connect() call. Is that any different than the path involved when a process does a socketpair() call? SH> Still your code is so customized that perhaps an explicit SH> security_socket_connect() call in your sock_unix_join() may be the SH> way to go... So, when I do the join, I really should run the check on both the remote and local addresses, right? The join operation is not really a connect in the sense of being one-sided... -- Dan Smith IBM Linux Technology Center email: danms@...ibm.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists