[redhat-lspp] Re: [RFC] [MLSXFRM 02/04] Add enforcement to SE Linux LSM
Venkat Yekkirala
vyekkirala at TrustedCS.com
Wed Jun 21 12:58:05 UTC 2006
> It seems like semantics of the flow sid is different between output
> and input. On output, it's based on the socket and on input it's
> based on the sa. The flow/sa analogy makes sense to me, but the
> socket less so (multiple sockets can use the same flow).
Different flows (as opposed to sockets) may use the same flow cache entry.
Is that what you meant here?
>
> I am not sure that the approach in lookup should be symmetric
> in that
> case.
>
> Regards,
> Trent.
> ----------------------------------------------
> Trent Jaeger, Associate Professor
> Pennsylvania State University, CSE Dept
> 346A IST Bldg, University Park, PA 16802
> Email: tjaeger at cse.psu.edu
> Ph: (814) 865-1042, Fax: (814) 865-3176
>
>
>
>
More information about the redhat-lspp
mailing list