> Casey Schaufler wrote:
> > Putting access control on ports rather than sockets is a novel
> > approach. It is a lot simpler underneath and more consistent with
> > the way other object name spaces are treated.
> I prefer Novell's approach. It is easy like using iptables.
I prefer the file system name space approach to the router command line interface approach. I like using the same utilities (e.g. ls) to examine the variety of objects at my disposal.
> In TOMOYO Linux, I do in the following way.
> allow_network TCP bind 192.168.1.17 8081 if task.uid=1017
> allow_network UDP bind 192.168.1.17 8081 if task.uid=1017
> allow_network TCP bind 192.168.1.26 8081 if task.uid=1026
> allow_network UDP bind 192.168.1.26 8081 if task.uid=1026
> I wish LSM has post-accept() and post-recvmsg() hooks.
> Don't you think it's nice if administrator can limit
> client's IP addresses and ports (even if tcp-wrappers
> was bypassed due to buffer overflow) ?
Not particularly. I don't care much for putting policy in the hands of an overworked and underappreciated kid whose job description makes enforcing good security a shortcut to the layoff list. Better the underlying system should take the blame.
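As an added illustration of the port-centric policy style quoted above (this is example code written for this page, not TOMOYO Linux's own parser or enforcement code), the following Python snippet parses the four `allow_network` lines from the thread and answers bind requests against them. It assumes a default-deny model, exact matching on address and port, and that the only condition form is `if task.uid=N`; the `op` field is kept generic so the same matcher could evaluate `connect` or `accept` rules of the same shape, which the thread only wishes for and does not define.

```python
"""Toy matcher for TOMOYO-style ``allow_network`` rules (constructed example).

Assumptions that are NOT taken from the thread: default deny, exact match on
address and port, and ``if task.uid=N`` as the only supported condition.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# The four policy lines quoted in the thread, used here as sample input.
POLICY_TEXT = """\
allow_network TCP bind 192.168.1.17 8081 if task.uid=1017
allow_network UDP bind 192.168.1.17 8081 if task.uid=1017
allow_network TCP bind 192.168.1.26 8081 if task.uid=1026
allow_network UDP bind 192.168.1.26 8081 if task.uid=1026
"""

# One rule per line: protocol, operation, address, port, optional uid condition.
_RULE_RE = re.compile(
    r"^allow_network\s+(?P<proto>TCP|UDP)\s+(?P<op>\w+)\s+"
    r"(?P<addr>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<port>\d{1,5})"
    r"(?:\s+if\s+task\.uid=(?P<uid>\d+))?\s*$"
)


@dataclass(frozen=True)
class Rule:
    proto: str
    op: str
    addr: str
    port: int
    uid: Optional[int]  # None means the rule applies to any uid


def parse_policy(text: str) -> List[Rule]:
    """Parse policy text into Rule objects; reject anything not in the grammar."""
    rules: List[Rule] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = _RULE_RE.match(line)
        if m is None:
            # Refusing to load is safer than silently skipping a malformed rule.
            raise ValueError(f"line {lineno}: unrecognised rule: {line!r}")
        uid = m.group("uid")
        rules.append(Rule(m.group("proto"), m.group("op"), m.group("addr"),
                          int(m.group("port")), int(uid) if uid else None))
    return rules


def find_match(rules: List[Rule], proto: str, op: str,
               addr: str, port: int, uid: int) -> Optional[Rule]:
    """Return the first rule that matches every field of the request, else None."""
    for r in rules:
        if (r.proto == proto and r.op == op and r.addr == addr
                and r.port == port and (r.uid is None or r.uid == uid)):
            return r
    return None


def is_allowed(rules: List[Rule], proto: str, op: str,
               addr: str, port: int, uid: int) -> bool:
    """Default deny: a request passes only if some rule matches it."""
    return find_match(rules, proto, op, addr, port, uid) is not None


if __name__ == "__main__":
    policy = parse_policy(POLICY_TEXT)
    # uid 1017 may bind 192.168.1.17:8081; uid 1026 may not touch that address.
    print(is_allowed(policy, "TCP", "bind", "192.168.1.17", 8081, 1017))  # True
    print(is_allowed(policy, "TCP", "bind", "192.168.1.17", 8081, 1026))  # False
```

The matcher returns the matching rule rather than a bare boolean so that a deny decision can be logged together with the request fields, which is what an administrator auditing a port-based policy would want to see.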