Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754777AbZLRPqo (ORCPT ); Fri, 18 Dec 2009 10:46:44 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753314AbZLRPqj (ORCPT ); Fri, 18 Dec 2009 10:46:39 -0500 Received: from earthlight.etchedpixels.co.uk ([81.2.110.250]:60965 "EHLO www.etchedpixels.co.uk" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751563AbZLRPqi (ORCPT ); Fri, 18 Dec 2009 10:46:38 -0500 Date: Fri, 18 Dec 2009 15:46:34 +0000 From: Alan Cox To: Michael Stone Cc: Mark Seaborn , linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-security-module@vger.kernel.org, Andi Kleen , David Lang , Oliver Hartkopp , Herbert Xu , Valdis Kletnieks , Bryan Donlan , Evgeniy Polyakov , "C. Scott Ananian" , James Morris , "Eric W. Biederman" , Bernie Innocenti , Randy Dunlap , =?ISO-8859-14?B?QW3pcmljbw==?= Wang , Michael Stone Subject: Re: [PATCH 1/3] Security: Add prctl(PR_{GET,SET}_NETWORK) interface. (v2) Message-ID: <20091218154634.79decdc4@lxorguk.ukuu.org.uk> In-Reply-To: <20091218032957.GA23514@heat> References: <20091218030056.GC3047@heat> <20091218032957.GA23514@heat> X-Mailer: Claws Mail 3.7.3 (GTK+ 2.16.6; x86_64-redhat-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1336 Lines: 29 On Thu, 17 Dec 2009 22:29:57 -0500 Michael Stone wrote: > Daniel Bernstein has observed [1] that security-conscious userland processes Dan Bernstein has observed many things .. ;) > may benefit from the ability to irrevocably remove their ability to create, > bind, connect to, or send messages except in the case of previously connected > sockets or AF_UNIX filesystem sockets. We provide this facility by implementing > support for a new prctl(PR_SET_NETWORK) flag named PR_NETWORK_OFF. This is a security model, it belongs as a security model using LSM. You can already do it with SELinux and the like as far as I can see but that's not to say you shouldn't submit it also as a small handy standalone security module for people who don't want to load the big security modules. Otherwise you end up putting crap in fast paths that nobody needs but everyone pays for and weird tests and hacks for address family and like into core network code. The fact the patches look utterly ugly should be telling you something - which is that you are using the wrong hammer -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/