[redhat-lspp] Re: [RFC] [MLSXFRM 02/04] Add enforcement to SE Linux LSM
Trent Jaeger
tjaeger at cse.psu.edu
Fri Jun 16 20:16:53 UTC 2006
On Jun 16, 2006, at 11:03 AM, Venkat Yekkirala wrote:
>> I am not sure that this semantics works right for the TE case
>> where a server may receive requests from clients of different types.
>
> The server may receive requests from clients of different types
> (as taken from the SAs the requests used) as long as the server type
> has the association { recvfrom } access to the client (SA) type per
> SELinux policy.
In selinux_xfrm_policy_lookup, we check that the fl_sid has access to
the xfrm policy's sid before using that policy.
On input, I take this to mean that we must have granted the type of
the SA access to the policy, and in the case of the server receiving a
packet from a client these would be the same (client's type).
At least on the first input via this flow. Then, it looks like the
flow cache will hit based on your changes and we will be OK.
Regards,
Trent.
----------------------------------------------
Trent Jaeger, Associate Professor
Pennsylvania State University, CSE Dept
346A IST Bldg, University Park, PA 16802
Email: tjaeger at cse.psu.edu
Ph: (814) 865-1042, Fax: (814) 865-3176
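The two-stage input check discussed in this thread (the flow/SA sid must be allowed to use the xfrm policy's sid, then the receiving socket's type needs association { recvfrom } to the SA's type), modeled below as an added example; this is not code from the patch series or the kernel. The "polmatch" permission name, the access-vector table, the sids and the flow-cache layout are all constructed for illustration, and the real SELinux hooks are considerably more involved.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Toy security identifiers standing in for SELinux sids (constructed). */
enum sid {
    SID_SERVER_T,      /* type of the server's socket */
    SID_CLIENT_A_T,    /* SA / xfrm policy label used by client A */
    SID_CLIENT_B_T,    /* SA / xfrm policy label used by client B */
    SID_CLIENT_C_T,    /* client C: no recvfrom grant to the server */
    SID_COUNT
};

/* Permissions of the "association" class as modeled here. "recvfrom" is
 * the permission named in the thread; "polmatch" is an assumed name for
 * the flow-sid -> policy-sid check done at xfrm policy lookup time. */
enum assoc_perm { PERM_POLMATCH = 1, PERM_RECVFROM = 2 };

/* Access vector table: avtab[src][tgt] is a bitmask of granted permissions.
 * Constructed policy: each client type may match its own xfrm policy, and
 * the server type may receive from client A and B but not from client C. */
static unsigned int avtab[SID_COUNT][SID_COUNT];

static void load_policy(void)
{
    memset(avtab, 0, sizeof avtab);
    avtab[SID_CLIENT_A_T][SID_CLIENT_A_T] |= PERM_POLMATCH;
    avtab[SID_CLIENT_B_T][SID_CLIENT_B_T] |= PERM_POLMATCH;
    avtab[SID_CLIENT_C_T][SID_CLIENT_C_T] |= PERM_POLMATCH;
    avtab[SID_SERVER_T][SID_CLIENT_A_T]   |= PERM_RECVFROM;
    avtab[SID_SERVER_T][SID_CLIENT_B_T]   |= PERM_RECVFROM;
}

static bool avc_has_perm(enum sid src, enum sid tgt, enum assoc_perm p)
{
    return (avtab[src][tgt] & p) != 0;
}

/* Flow cache: remembers the (flow sid, policy sid) decision so that later
 * packets on the same flow do not repeat the policy lookup check. */
struct flow_cache_entry { enum sid fl_sid, pol_sid; bool valid, allowed; };
#define FLOW_CACHE_SIZE 16
static struct flow_cache_entry flow_cache[FLOW_CACHE_SIZE];
static int lookups_performed;   /* counts uncached policy lookups */

/* Stand-in for the policy lookup: may this flow sid use this policy sid? */
static bool xfrm_policy_lookup(enum sid fl_sid, enum sid pol_sid)
{
    for (int i = 0; i < FLOW_CACHE_SIZE; i++) {
        struct flow_cache_entry *e = &flow_cache[i];
        if (e->valid && e->fl_sid == fl_sid && e->pol_sid == pol_sid)
            return e->allowed;          /* cache hit */
    }
    lookups_performed++;
    bool ok = avc_has_perm(fl_sid, pol_sid, PERM_POLMATCH);
    for (int i = 0; i < FLOW_CACHE_SIZE; i++) {
        if (!flow_cache[i].valid) {
            flow_cache[i] = (struct flow_cache_entry){fl_sid, pol_sid, true, ok};
            break;
        }
    }
    return ok;
}

/* Input path: the packet's SA label is the flow sid and must be allowed to
 * use the xfrm policy it arrived under; the socket then needs recvfrom to
 * that SA label. Returns true if the packet may be delivered. */
static bool deliver_inbound(enum sid sock_sid, enum sid sa_sid, enum sid pol_sid)
{
    if (!xfrm_policy_lookup(sa_sid, pol_sid))
        return false;
    return avc_has_perm(sock_sid, sa_sid, PERM_RECVFROM);
}

int main(void)
{
    load_policy();
    printf("client A -> server: %s\n",
           deliver_inbound(SID_SERVER_T, SID_CLIENT_A_T, SID_CLIENT_A_T) ? "allowed" : "denied");
    printf("client C -> server: %s\n",
           deliver_inbound(SID_SERVER_T, SID_CLIENT_C_T, SID_CLIENT_C_T) ? "allowed" : "denied");
    printf("client A again (cached): %s, lookups=%d\n",
           deliver_inbound(SID_SERVER_T, SID_CLIENT_A_T, SID_CLIENT_A_T) ? "allowed" : "denied",
           lookups_performed);
    return 0;
}
```

The point the model makes concrete is that the server type never needs to appear in the policy-lookup decision on input: the flow sid and the policy sid are both the client's label, so that check passes or fails on the client type alone, and the per-client distinction is made only by the recvfrom grant from the server type to each SA type.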