On Fri, 30 Sep 2005, Gregory Maxwell wrote:
We proably need to rethink the way IP sockets default to 'raw', as new IP protocols are sometimes developed (DCCP has just been implemented) and we don't know that the 'raw' IP controls always appropriate.
In many cases the use of new protocols is so special use that it wouldn't hurt to give apps raw until better support is added. For example, a routing daemon speaking OSPF.
Agreed. All of the checks for 'raw' sockets are at the IP level, so hopefully nothing will break.
SCTP obviously will need full support, since it will eventually be used as a general purpose transport in many applications and may eventually supplant TCP and UDP in some places. It would be nice if SElinux could step up to controlling the ability to control all address bindings (i.e. application X can only form connections on the secure network), but since they can be added and removed on an active connection that might be interesting.
Is there currently the ability to control IPSec behavior from SElinux (i.e. application X can only use TCP across an encrypted link), if so that might provide some guidance in how to make some of the extra sctp knobs look..
There's some work heading upstream integrating SELinux and IPSec, check the recent netdev archives.
- James