Il giorno mar, 24/04/2007 alle 06.51 -0700, Casey Schaufler ha scritto: > --- Roberto De Ioris <[EMAIL PROTECTED]> wrote: > > > Hi all, > > this is a very simple module that allows bind() to tcp/udp port (>=1024) > > only for the uids defined in a configfs tree. > > Would you be so kind as to cross post to linux-security-module? > Methinks that you might get additional valuable feedback there.
Surely, in the next hour i will release a new version with tcp/udp support and the possibility to specify ipv4 addresses. I will post in linux-security-module too > > > It is a first version, it only works for PF_INET sockets and makes no > > difference between tcp and udp (i am working on this) > > > > For (little) more info see > > > > http://projects.unbit.it/uidbind/ > > > > Patch attached is for vanilla 2.6.20.7 > > It would be correct to return -EACCES rather than -EPERM in the > access denial case. EACCES indicates that an access control decision > failed, while EPERM indicates that use of a privileged operation > was attempted while not possessing appropriate privilege. Done, thanks :) -- Roberto De Ioris http://unbit.it JID: [EMAIL PROTECTED] Wii: 2999 4476 3509 0964
signature.asc
Description: Questa รจ una parte del messaggio firmata digitalmente
