On Monday 17 December 2007 2:45:50 pm Stephen Smalley wrote:
> On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
> > Add an inet_sys_snd_skb() LSM hook to allow the LSM to provide packet
> > level access control for all outbound packets. Using the existing
> > postroute_last netfilter hook turn
On Fri, 2007-12-14 at 16:50 -0500, Paul Moore wrote:
> Add an inet_sys_snd_skb() LSM hook to allow the LSM to provide packet level
> access control for all outbound packets. Using the existing postroute_last
> netfilter hook turns out to be problematic as it is can be invoked multiple
> times for
Add an inet_sys_snd_skb() LSM hook to allow the LSM to provide packet level
access control for all outbound packets. Using the existing postroute_last
netfilter hook turns out to be problematic as it is can be invoked multiple
times for a single packet, e.g. individual IPsec transforms, adding unw
