[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: kernel_t and rawip



I inadvertently sent this to cpebenito tresys com rather than to the list. Here it is for the list:

Christopher J. PeBenito wrote:
> On Wed, 2007-05-23 at 15:11 -0700, Ken wrote:
>> I became interested in SELinux primarily to increase the level of security I have when I am connected to the Internet, and until recently I have not allowed kernel_t to send or receive rawip over the Internet. I have recently allowed this because I was having difficulty making an online payment without this enabled. Since enabling this, I have wondered what the security implications of allowing kernel_t to send and receive rawip on the Internet are;
>
> Its normal behavior, the kernel needs the permission so can handle ICMP
> traffic, e.g. ping replies, destination unreachable, etc.
>
I am aware of ICMP traffic, but even the best programs and protocols can be unexpectedly vulnerable to exploitation; and from a logical perspective, I have (completely and unconditionally) opened my system to allow a particular type of communication with outside connections -- at least with respect to SELinux. My interest is in learning what the logical limits are with respect to what can be sent and received as rawip to and from kernel_t; and what the limitations of what can be done with the data are. I was hoping there is a document compiled somewhere that provides this (and similar) information.

- Ken -


--- Begin Message ---
Christopher J. PeBenito wrote:
On Wed, 2007-05-23 at 15:11 -0700, Ken wrote:
I became interested in SELinux primarily to increase the level of security I have when I am connected to the Internet, and until recently I have not allowed kernel_t to send or receive rawip over the Internet. I have recently allowed this because I was having difficulty making an online payment without this enabled. Since enabling this, I have wondered what the security implications of allowing kernel_t to send and receive rawip on the Internet are;

Its normal behavior, the kernel needs the permission so can handle ICMP
traffic, e.g. ping replies, destination unreachable, etc.

I am aware of ICMP traffic, but even the best programs and protocols can be unexpectedly vulnerable to exploitation; and from a logical perspective, I have (completely and unconditionally) opened my system to allow a particular type of communication with outside connections -- at least with respect to SELinux. My interest is in learning what the logical limits are with respect to what can be sent and received as rawip to and from kernel_t; and what the limitations of what can be done with the data are. I was hoping there is a document compiled somewhere that provides this (and similar) information.

- Ken -




--- End Message ---

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]