[PATCH v2 0/6] Landlock: Implement scope control for pathname Unix sockets

Tingmao Wang m at maowtm.org
Sun Feb 8 02:57:16 UTC 2026


On 2/5/26 19:15, Mickaël Salaün wrote:
> On Thu, Feb 05, 2026 at 10:18:54AM -0500, Justin Suess wrote:
>>
>> On 2/4/26 13:28, Mickaël Salaün wrote:
>>
>>>> [...]
>>>> Tingmao:
>>>>
>>>> For connecting a pathname Unix socket, the order of the hooks Landlock sees is something like:
>>>>
>>>> 1. security_unix_find (to look up the paths)
>>>>
>>>> 2. security_unix_may_send, security_unix_stream_connect (after the path is looked up)

btw, ideally for pathname sockets we can leave all the checking in the
security_unix_find() hook (as newly proposed, with the struct sock *other
param), and not have to e.g. call domain_is_scoped() again in
security_unix_may_send and security_unix_stream_connect, right?

(Although if this changes error codes, we might have to "delay" the denial
until the may_send/connect hooks...? Hopefully not, but not checked.)
