Re: Two netlink patches
On Thu, 2004-12-16 at 11:03 -0500, Stephen Smalley wrote:
> By extending the NETLINK_CREDS(skb), I assume you mean adding a
void
> *security? Perhaps that's actually the cleaner way to go, if only
> because it lets the actual receiving subsystem perform the check, rather
> than netlink. That's the part I don't like about my patch. While in
> this case it's just audit, that may change, and soon
> security_netlink_send becomes a central location for checks for all
> sorts of protocols...
The problem is that if that security field is dynamically allocated,
then you have the standard lifecycle management issues, so you need
other hooks to ensure that it is properly freed. If we had a fixed size
Right, adding those hooks would take a pretty invasive patch, and given
that skb->security was rejected, we can't just hook into skb lifecycle
management.
Perhaps the last patch I sent out (with most code in audit.c, but hooked
into netlink_send security checks) should go to the maintainers you
listed for comments?
I will wait until tomorrow in case anyone feels we should be trying
something different first.
thanks,
-serge
--
Serge Hallyn <serue(a)us.ibm.com>