Re: mprotect abuse in slim

From: Mimi Zohar
Date: Tue Jan 09 2007 - 16:31:13 EST

Next message: Andrew Morton: "Re: .version keeps being updated"
Previous message: Avi Kivity: "Re: [kvm-devel] guest crash on 2.6.20-rc4"
In reply to: Pekka J Enberg: "Re: mprotect abuse in slim"
Next in thread: Valdis . Kletnieks: "Re: mprotect abuse in slim"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Arjan van de Ven <arjan@xxxxxxxxxxxxx> wrote on 01/08/2007 10:07:25 PM:

> Hi,
>
>maybe this is a silly question, but do you revoke not only the current
>fd entries, but also the ones that are pending in UNIX domain sockets
>and that are already being sent to the process? If not.. then you might
>as well not bother ;)
>
>Greetings,
> Arjan van de Ven

In the new slim code, which we haven't sent out but will soon, we added
the unix_may_send and unix_stream_connect hooks. The unix_may_send hook
prevents a demoted process from sending data on a higher integrity
socket; and the unix_may_connect hook prevents a process from
connecting to a lower integrity socket. The integrity level of the
socket is based on the integrity of the file associated with the Unix
domain socket.

The bottom line is that although we don't demote the pending socket
and would allow it to connect at the higher integrity, we simply don't
allow anything of lesser integrity to be sent over it.

Mimi Zohar
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: .version keeps being updated"
Previous message: Avi Kivity: "Re: [kvm-devel] guest crash on 2.6.20-rc4"
In reply to: Pekka J Enberg: "Re: mprotect abuse in slim"
Next in thread: Valdis . Kletnieks: "Re: mprotect abuse in slim"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]