Il giorno mar, 24/04/2007 alle 06.51 -0700, Casey Schaufler ha scritto: > --- Roberto De Ioris <[email protected]> wrote: > > > Hi all, > > this is a very simple module that allows bind() to tcp/udp port (>=1024) > > only for the uids defined in a configfs tree. > > Would you be so kind as to cross post to linux-security-module? > Methinks that you might get additional valuable feedback there. Surely, in the next hour i will release a new version with tcp/udp support and the possibility to specify ipv4 addresses. I will post in linux-security-module too > > > It is a first version, it only works for PF_INET sockets and makes no > > difference between tcp and udp (i am working on this) > > > > For (little) more info see > > > > http://projects.unbit.it/uidbind/ > > > > Patch attached is for vanilla 2.6.20.7 > > It would be correct to return -EACCES rather than -EPERM in the > access denial case. EACCES indicates that an access control decision > failed, while EPERM indicates that use of a privileged operation > was attempted while not possessing appropriate privilege. Done, thanks :) -- Roberto De Ioris http://unbit.it JID: [email protected] Wii: 2999 4476 3509 0964
Attachment:
signature.asc
Description: Questa =?ISO-8859-1?Q?=E8?= una parte del messaggio firmata digitalmente
- References:
- Re: [ANNOUNCE] UidBind LSM 0.1
- From: Casey Schaufler <[email protected]>
- Re: [ANNOUNCE] UidBind LSM 0.1
- Prev by Date: [PATCH] cfq: get rid of cfqq hash
- Next by Date: Re: [patch v2] Fixes and cleanups for earlyprintk aka boot console.
- Previous by thread: Re: [ANNOUNCE] UidBind LSM 0.1
- Next by thread: [PATCH] x86_64: make GART PTEs uncacheable
- Index(es):
 |