On 02/24/2015 05:02 PM, Tai Nguyen (tainguye) wrote:
> What is the default context for abstract namespace socket (e.g.
> @socketname)? And how do we check?

In the case of a local socket in the abstract namespace, there is only one kernel object, the socket, which is labeled with the creating process' security context, unless the application was instrumented to call setsockcreatecon() prior to creating the socket (and is allowed by policy to set its sockcreate context and to create a socket with another context).

In comparison, with a local socket in the file namespace, there are two kernel objects, the socket and the socket file, where the socket is likewise labeled with the creating process' security context but the file is labeled in the usual manner, typically inheriting from the parent directory or following a type_transition rule if defined.

So the socket objects are always labeled consistently; it is merely a question of whether there is an associated file object or not.
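
Added example, not part of the original message: one way to check the labels described above is to bind a socket in each namespace and read the labels back. It assumes a Linux host where selinuxfs is mounted at /sys/fs/selinux and where the socket's label can be read through the `security.selinux` extended attribute on the socket's file descriptor (the attribute libselinux's fgetfilecon() reads); the function names and socket names are hypothetical.

```python
import os
import socket
import tempfile

XATTR = "security.selinux"  # xattr through which SELinux exposes object labels


def read_label(target):
    """Label of an open fd (int) or a path (str); None if it cannot be read."""
    try:
        return os.getxattr(target, XATTR).rstrip(b"\0").decode()
    except OSError:
        return None  # no SELinux, or the xattr is unsupported on this object


def process_context():
    """Security context of the calling process; None when SELinux is absent."""
    if not os.path.exists("/sys/fs/selinux/enforce"):  # assumed selinuxfs mount
        return None
    try:
        with open("/proc/self/attr/current") as f:
            return f.read().rstrip("\0\n")
    except OSError:
        return None


def socket_labels():
    """Bind one socket in each namespace and collect every label involved."""
    labels = {"process": process_context()}
    name = b"\0example-abstract-%d" % os.getpid()  # hypothetical; NUL = abstract
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.bind(name)
        labels["abstract_socket"] = read_label(s.fileno())  # the only object
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "example.sock")
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.bind(path)
            labels["file_socket"] = read_label(s.fileno())  # socket object
            labels["socket_file"] = read_label(path)        # separate file object
    return labels


if __name__ == "__main__":
    for obj, label in socket_labels().items():
        print(f"{obj:16} {label or '(no label available)'}")
```

On a host without SELinux every entry prints as unavailable; the comparison of interest is `abstract_socket` and `file_socket` against `process`, with `socket_file` as the only label that comes from the filesystem.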