I inadvertently sent this to cpebenito@tresys.com rather than to the list. Here it is for the list:
Christopher J. PeBenito wrote:
On Wed, 2007-05-23 at 15:11 -0700, Ken wrote:
I became interested in SELinux primarily to increase the level of
security I have when I am connected to the Internet, and until recently I have not allowed kernel_t to send or receive rawip over the Internet. I have recently allowed this because I was having difficulty making an online payment without this enabled. Since enabling this, I have wondered what the security implications of allowing kernel_t to send and receive rawip on the Internet are;
Its normal behavior, the kernel needs the permission so can handle ICMP traffic, e.g. ping replies, destination unreachable, etc.
I am aware of ICMP traffic, but even the best programs and protocols can be unexpectedly vulnerable to exploitation; and from a logical perspective, I have (completely and unconditionally) opened my system to allow a particular type of communication with outside connections -- at least with respect to SELinux. My interest is in learning what the logical limits are with respect to what can be sent and received as rawip to and from kernel_t; and what the limitations of what can be done with the data are. I was hoping there is a document compiled somewhere that provides this (and similar) information.
- Ken -
selinux@lists.fedoraproject.org