How are we supposed to write policy for programs that bind to random unused
ports >1024? There doesn't seem to be any macro that allows binging to
unreserved_port_t except corenet_tcp_bind_all_unreserved_ports() which is too
permissive.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
Russell Coker <[email protected]> writes:
> How are we supposed to write policy for programs that bind to random unused
> ports >1024? There doesn't seem to be any macro that allows binging to
> unreserved_port_t except corenet_tcp_bind_all_unreserved_ports() which is too
> permissive.
Seems like corenet_tcp_bind_unreserved_ports() is currently missing. Please
add. There is a corenet_tcp_bind_reserved_ports().
--
gpg --locate-keys [email protected]
Key fingerprint = FCD2 3660 5D6B 9D27 7FC6 E0FF DA7E 521F 10F6 4098
https://sks-keyservers.net/pks/lookup?op=get&search=0xDA7E521F10F64098
Dominick Grift