I just looked briefly at the FreeSWAN KLIPS code, and I think the problem is being caused by the call to sock_queue_rcv_skb by the PF_KEY socket code. So the patch to tcp_ipv4.c is probably unnecessary. Just try the patch to hooks.c and see if it works for you. In that case, skipping the network access control checks in selinux_sock_rcv_skb is ok, because it is a kernel-daemon communication.
--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com
Received on Fri 24 Aug 2001 - 12:45:19 EDT