Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261220AbUKSCPJ (ORCPT ); Thu, 18 Nov 2004 21:15:09 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261198AbUKSBx4 (ORCPT ); Thu, 18 Nov 2004 20:53:56 -0500 Received: from mx1.redhat.com ([66.187.233.31]:26752 "EHLO mx1.redhat.com") by vger.kernel.org with ESMTP id S262849AbUKRSkw (ORCPT ); Thu, 18 Nov 2004 13:40:52 -0500 Date: Thu, 18 Nov 2004 13:40:35 -0500 (EST) From: James Morris X-X-Sender: jmorris@thoron.boston.redhat.com To: Alan Cox cc: Ross Kendall Axe , , Stephen Smalley , lkml , Chris Wright , "David S. Miller" Subject: Re: [PATCH] linux 2.9.10-rc1: Fix oops in unix_dgram_sendmsg when using SELinux and SOCK_SEQPACKET In-Reply-To: <1100796518.6019.11.camel@localhost.localdomain> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 942 Lines: 29 On Thu, 18 Nov 2004, Alan Cox wrote: > On Iau, 2004-11-18 at 08:27, James Morris wrote: > > 2) Ensure that unix_dgram_sendmsg() fails for SOCK_SEQPACKET sockets which > > are not connected, otherwise someone could bypass LSM by sending on an > > unconnected socket. > > What about half closed and other connected states ? This patch seems > inadequate for things like X.25 The patch only affects the Unix code and does not change existing semantics for other connected states. One thing that looks broken (unrelated to the patch I posted) is that unix_dgram_sendmsg() already does not check sk->sk_shutdown & SEND_SHUTDOWN for SOCK_SEQPACKET. - James -- James Morris - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/