netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [PATCH] LSM networking update: summary (0/5)

from [David S. Miller] [Permanent Link][Original]
To: Makan.Pourzandi@xxxxxxxxxxx
Subject: Re: [PATCH] LSM networking update: summary (0/5)
From: "David S. Miller" <davem@xxxxxxxxxx>
Date: Sat, 08 Feb 2003 00:24:08 -0800 (PST)
Cc: jmorris@xxxxxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx, linux-security-module@xxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <7B2A7784F4B7F0409947481F3F3FEF8305CC9531@xxxxxxxxxxxxxxxxxxxxxxxxxx>
References: <7B2A7784F4B7F0409947481F3F3FEF8305CC9531@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx 
   From: "Makan Pourzandi (LMC)" <Makan.Pourzandi@xxxxxxxxxxx>
   Date: Fri, 7 Feb 2003 11:58:49 -0500 

   Actually, we know that based on FIPS documents
   (http://csrc.nist.gov/publications/fips/fips188/fips188.ps) we can
   use ip options for security purposes. I believe for my part that
   this hook can be useful if used to decode ip options and decide to
   drop or not the ip packets. I don't believe that this level of
   control can be achieved using other hooks at socket layer. 

James added a hook for SKB reception, you can do whatever you
want in analzying incoming packet contents using that generic
hook.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [PATCH] LSM networking update: summary (0/5), James Morris
Next by Date:  Re: [PATCH] LSM networking update: summary (0/5), David S. Miller
Previous by Thread:  Re: [PATCH] LSM networking update: summary (0/5), James Morris
Next by Thread:  [no subject], Andreas Herrmann
Indexes:  [Date] [Thread] [Top] [All Lists]