| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 6 May 2011 13:27:15 -0400 From: Paul Moore <paul.moore@...com> To: Samir Bellabes <sam@...ack.fr> Cc: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, netfilter-devel@...r.kernel.org, hadi@...erus.ca, kaber@...sh.net, zbr@...emap.net, root@...aldomain.pl Subject: Re: [RFC v3 02/10] Revert "lsm: Remove the socket_post_accept() hook" On Friday, May 06, 2011 5:25:45 AM Samir Bellabes wrote: > the main argument for socket_post_accept is to known informations of the > remote inet. > > from socket_accept(), we have no clue of who (inet->daddr and inet->saddr) > is connecting to the local service. with socket_post_accept(), inet->daddr > and inet->saddr are filled with the true distant informations. > > This informations is interesting for next security operations on the > socket. (we known with who we are talking to). Looking at the snet_socket_post_accept() hook, I believe all of the information you are looking for should be available to you in the sock_graft() hook. -- paul moore linux @ hp -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists