I became interested in SELinux primarily to increase the level of security I have when I am connected to the Internet, and until recently I have not allowed kernel_t to send or receive rawip over the Internet. I have recently allowed this because I was having difficulty making an online payment without this enabled. Since enabling this, I have wondered what the security implications of allowing kernel_t to send and receive rawip on the Internet are; and I was hoping someone could direct me to a good source for technical information about the security implications of allowing various permissions.