Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8)

To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8)
From: James Morris <jmorris@xxxxxxxxxxxxxxxx>
Date: Sat, 1 Feb 2003 11:12:33 +1100 (EST)
Cc: kuznet@xxxxxxxxxxxxx, <netdev@xxxxxxxxxxx>, <linux-security-module@xxxxxxxxx>
In-reply-to: <20030130.161638.83467438.davem@xxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Thu, 30 Jan 2003, David S. Miller wrote:

> If you think this is implementable, then I'll happily accept the
> net/socket.c stuff and even the af_unix hack, with the assumption
> being that the rest can be handled by netfilter or something similar.
> Oh yes, I'd also take the netlink capability thing too as long as it
> was inlined properly for the no-security case.

Explicitly labeled networking and the SELinux extended sockets API
probably can't be supported with just these hooks and Netfilter.

However, this subset of the networking hooks will still be very useful in
general, and we'll rework the patch accordingly.

- James
James Morris

