[PATCH v8 04/12] landlock: Control pathname UNIX domain socket resolution by path
Sebastian Andrzej Siewior
bigeasy at linutronix.de
Thu Apr 2 09:51:42 UTC 2026
On 2026-03-27 17:48:29 [+0100], Günther Noack wrote:
> * Add a new access right LANDLOCK_ACCESS_FS_RESOLVE_UNIX, which
> controls the lookup operations for named UNIX domain sockets. The
> resolution happens during connect() and sendmsg() (depending on
> socket type).
…
> Cc: Tingmao Wang <m at maowtm.org>
> Cc: Justin Suess <utilityemal77 at gmail.com>
> Cc: Mickaël Salaün <mic at digikod.net>
> Cc: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
> Cc: Kuniyuki Iwashima <kuniyu at google.com>
> Suggested-by: Jann Horn <jannh at google.com>
> Link[1]: https://github.com/landlock-lsm/linux/issues/36
> Link[2]: https://lore.kernel.org/all/20260205.8531e4005118@gnoack.org/
> Signed-off-by: Günther Noack <gnoack3000 at gmail.com>
The unix bits look okay to me,
Acked-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
Sebastian
More information about the Linux-security-module-archive
mailing list