Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 81e45ff9 authored by Konstantin Andreev's avatar Konstantin Andreev Committed by Greg Kroah-Hartman
Browse files

smack: unix sockets: fix accept()ed socket label 



[ Upstream commit e86cac0acdb1a74f608bacefe702f2034133a047 ]

When a process accept()s connection from a unix socket
(either stream or seqpacket)
it gets the socket with the label of the connecting process.

For example, if a connecting process has a label 'foo',
the accept()ed socket will also have 'in' and 'out' labels 'foo',
regardless of the label of the listener process.

This is because kernel creates unix child sockets
in the context of the connecting process.

I do not see any obvious way for the listener to abuse
alien labels coming with the new socket, but,
to be on the safe side, it's better fix new socket labels.

Signed-off-by: default avatarKonstantin Andreev <andreev@swemel.ru>
Signed-off-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent c6d593c2
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment