On Tue, 2017-06-20 at 15:49 -0400, Paul Moore wrote:

On Mon, Jun 19, 2017 at 5:33 PM, Luis Ressel [off-list ref] wrote:

quoted

For PF_UNIX, SOCK_RAW is synonymous with SOCK_DGRAM (cf.
net/unix/af_unix.c). This is a tad obscure, but libpcap uses it.

Signed-off-by: Luis Ressel <redacted>
Acked-by: Stephen Smalley <redacted>
---
?security/selinux/hooks.c | 1 +
?1 file changed, 1 insertion(+)

My only concern is what effect this will have on existing policy.
Prior to this patch PF_UNIX/SOCK_RAW will result in the generic
"socket" class where after this patch it will result in the
"unix_dgram_socket".??I believe this is the right change, but it
seems
like this should be wrapped by a policy capability, yes?

I doubt it is worth a policy capability.  Permission to create/use
socket tends to be far rarer than permission to create/use
unix_dgram_socket; looks like we never allow the former without the
latter in Fedora, for example.

quoted

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 819fd6858b49..1a331fba4a3c 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -1275,6 +1275,7 @@ static inline u16

socket_type_to_security_class(int family, int type, int protoc
????????????????case SOCK_SEQPACKET:
????????????????????????return SECCLASS_UNIX_STREAM_SOCKET;
????????????????case SOCK_DGRAM:
+???????????????case SOCK_RAW:
????????????????????????return SECCLASS_UNIX_DGRAM_SOCKET;
????????????????}
????????????????break;
--
2.13.1

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html