netdev
[Top] [All Lists]

Re: [RFC] SO_PEERSEC - security credentials for Unix stream sockets

To: James Morris <jmorris@xxxxxxxxxx>
Subject: Re: [RFC] SO_PEERSEC - security credentials for Unix stream sockets
From: "David S. Miller" <davem@xxxxxxxxxx>
Date: Wed, 10 Dec 2003 14:56:52 -0800
Cc: kuznet@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx, linux-security-module@xxxxxxxxx, sds@xxxxxxxxxxxxxx
In-reply-to: <Xine.LNX.4.44.0312101110010.27922-100000@xxxxxxxxxxxxxxxxxxxxxxxx>
References: <Xine.LNX.4.44.0312101110010.27922-100000@xxxxxxxxxxxxxxxxxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
On Wed, 10 Dec 2003 11:33:53 -0500 (EST)
James Morris <jmorris@xxxxxxxxxx> wrote:

> Three new LSM hooks have been implemented:
> 
> - socket_getpeersec() is the getsockopt interface.
> 
> - sk_alloc_security() and sk_free_security() facilitate the use of an
>   sk_security field, which is used to store the security credentials of 
>   the Unix peer.  We can't use an existing security field for this (e.g. 
>   inode), as we need the security credentials of the server's child 
>   socket.  This follows the same general scheme used for managing existing 
>   Unix peer credentials.
> 
> Comments?

I'm fine with this conceptually, although the earliest I could put
this into the tree is 2.6.1 although I have a hunch that I'll be
asked to defer something like this to 2.6.2, but who knows.

The one thing I don't like is the ifdef conditionalized member of
the sock struct.  We should move away from config variables changing
structure layouts.  Even a "void *sk_security;" would be better.

<Prev in Thread] Current Thread [Next in Thread>