Nicolas Williams wrote:
> On Thu, Aug 07, 2008 at 02:14:52PM -0700, Alan Coopersmith wrote:
>
>> Ric Aleshire wrote:
>>
>>> Yes - currently in the kernel socket I/O code, there is a check that the
>>> AF_UNIX socket endpoint is in the same zone as the server peer. The
>>> proposal for a) above means that this check will be modified, so that
>>> when TX is enabled and the socket zone and server zone do not match,
>>> then the server must be in the global zone.
>>>

Thanks for the answer Ric.

>> Which raises the interesting question of whether that check should really
>> be for TX, or if this should be something that can be set on for any machine
>> with Zones, and which TX just happens to always set. It would seem things
>> like running X clients in Etude or BrandZ zones could also benefit from this.
>>

This sounds tempting. Anyway, the project team has the choice here whether to
keep the scope of this case as-is, or extend it to permit privileged cross-zone
communication through AF_UNIX sockets beyond TX.

Kais

> I agree, though being careful to use untrusted cookies, of course.
>
> The problem this case is trying to solve affects non-TX zone uses too.
>