On Thu, Aug 29, 2019 at 3:45 AM Michal Kubecek wrote:
> On Tue, Aug 27, 2019 at 04:47:04PM -0400, Paul Moore wrote:
> >
> > I'm also not a big fan of inserting the hook in rtnl_fill_ifinfo(); as
> > presented it is way too specific for a LSM hook for me to be happy.
> > However, I do agree that gi
On Tue, Aug 27, 2019 at 04:47:04PM -0400, Paul Moore wrote:
>
> I'm also not a big fan of inserting the hook in rtnl_fill_ifinfo(); as
> presented it is way too specific for a LSM hook for me to be happy.
> However, I do agree that giving the LSMs some control over netlink
> messages makes sense.
On Fri, Aug 23, 2019 at 7:41 AM Jeffrey Vander Stoep wrote:
> On Fri, Aug 23, 2019 at 1:19 AM David Miller wrote:
> > From: Jeff Vander Stoep
> > Date: Wed, 21 Aug 2019 15:45:47 +0200
> >
> > > MAC addresses are often considered sensitive because they are
> > > usually unique and can be used to
From: Jeffrey Vander Stoep
Date: Fri, 23 Aug 2019 13:41:38 +0200
> I could make this really generic by adding a single hook to the end of
> sock_msgrecv() which would allow an LSM to modify the message to omit
> the MAC address and any other information that we deem as sensitive in the
> future.
On Fri, Aug 23, 2019 at 1:19 AM David Miller wrote:
>
> From: Jeff Vander Stoep
> Date: Wed, 21 Aug 2019 15:45:47 +0200
>
> > MAC addresses are often considered sensitive because they are
> > usually unique and can be used to identify/track a device or
> > user [1].
> >
> > The MAC address is acc
Hi Jeff,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[cannot apply to v5.3-rc5 next-20190822]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits
From: Jeff Vander Stoep
Date: Wed, 21 Aug 2019 15:45:47 +0200
> MAC addresses are often considered sensitive because they are
> usually unique and can be used to identify/track a device or
> user [1].
>
> The MAC address is accessible via the RTM_NEWLINK message type of a
> netlink route socket[
On Wed, Aug 21, 2019 at 4:34 PM Casey Schaufler wrote:
>
> On 8/21/2019 6:45 AM, Jeff Vander Stoep wrote:
> > MAC addresses are often considered sensitive because they are
> > usually unique and can be used to identify/track a device or
> > user [1].
> >
> > The MAC address is accessible via the R
On 8/21/2019 6:45 AM, Jeff Vander Stoep wrote:
> MAC addresses are often considered sensitive because they are
> usually unique and can be used to identify/track a device or
> user [1].
>
> The MAC address is accessible via the RTM_NEWLINK message type of a
> netlink route socket[2]. Ideally we cou
On Wed, Aug 21, 2019 at 3:45 PM Jeff Vander Stoep wrote:
>
> MAC addresses are often considered sensitive because they are
> usually unique and can be used to identify/track a device or
> user [1].
>
> The MAC address is accessible via the RTM_NEWLINK message type of a
> netlink route socket[2]. I
MAC addresses are often considered sensitive because they are
usually unique and can be used to identify/track a device or
user [1].
The MAC address is accessible via the RTM_NEWLINK message type of a
netlink route socket[2]. Ideally we could grant/deny access to the
MAC address on a case-by-case
11 matches
Mail list logo
