Re: Is PROT_SOCK still relevant?

From: One Thousand Gnomes
Date: Mon Dec 14 2015 - 14:40:08 EST


> Perhaps lets consider this in another way if it is strongly held that
> this is worth while in the default configuration: can it default off
> in the context of selinux / other security frameworks (preferably
> based on their detection and/or controllably settable at runtime)?
> Those allow more powerful and finer grain control and don't need this
> to be there as they already provide auditing on what operations and
> port numbers should be allowed by what programs.

That would be a regression and a very very bad one to have. The defaults
need to always be the same as before - or stronger and never go back
towards insecurity, otherwise they could make things less safe.

> Or how about letting port number concerns be handled by those security
> frameworks all together considering it is limited security?

There are already half a dozen different ways to handle it from xinetd
through setcap, to systemd spawning it, to iptables.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/