On Friday, August 24 2007 8:58:28 am Kentaro Takeda wrote: > LSM hooks for network accept and recv: > * socket_post_accept is modified to return int.
This has been discussed several times on various lists and is not considered an acceptable solution to blocking incoming stream connection attempts. Please take a look at the existing LSM stream connection request hooks as well as how SELinux makes use of them. > * post_recv_datagram is added in skb_recv_datagram. Can you explain to me why this is not possible using the existing security_socket_sock_rcv_skb() LSM hook? -- paul moore linux security @ hp - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
