
Restrict use of SYSV message queues

Open gnoack opened this issue 1 year ago • 1 comments

System V message queues are acquired with msgget(2). The key for acquiring these is in a system-global namespace, so it seems that we might want to restrict their use somehow, even when they are rarely used in practice today, judging by Debian code search.

There are existing LSM hooks for these, called security_msg_queue_*.

Capsicum is also restricting System V IPC (https://www.usenix.org/legacy/event/sec10/tech/full_papers/Watson.pdf, page 4)

gnoack avatar Apr 08 '24 20:04 gnoack
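The system-global key namespace described in the issue, shown as an added C example (not code from this thread or from the Landlock project): a forked child reaches the parent's queue knowing only the numeric key. `DEMO_KEY`, `struct demo_msg` and `demo_shared_key` are names constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/msg.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#define DEMO_KEY ((key_t)0x4c4c0001) /* constructed key, an assumption of this example */

struct demo_msg { long mtype; char text[32]; };

/* Returns 1 if a child that uses only the numeric key reached the parent's
 * queue, 0 if it did not, -1 if the queue could not be created. */
int demo_shared_key(void)
{
    struct demo_msg m;
    int status, reached = 0;
    /* Mode 0600: the only gate is the classic owner/group/other permission check. */
    int qid = msgget(DEMO_KEY, IPC_CREAT | IPC_EXCL | 0600);
    if (qid < 0)
        return -1;

    pid_t pid = fork();
    if (pid == 0) {
        /* Child: ignore qid and look the queue up by key alone, as any
         * unrelated process in the same IPC namespace could. */
        int q = msgget(DEMO_KEY, 0);
        struct demo_msg out = { .mtype = 1 };
        strcpy(out.text, "hello via key");
        _exit(q >= 0 && msgsnd(q, &out, sizeof(out.text), 0) == 0 ? 0 : 1);
    }
    if (pid > 0 && waitpid(pid, &status, 0) == pid &&
        WIFEXITED(status) && WEXITSTATUS(status) == 0 &&
        msgrcv(qid, &m, sizeof(m.text), 1, IPC_NOWAIT) >= 0)
        reached = strcmp(m.text, "hello via key") == 0;

    msgctl(qid, IPC_RMID, NULL); /* queues outlive processes; remove explicitly */
    return reached;
}

int main(void)
{
    printf("child reached queue by key: %d\n", demo_shared_key());
    return 0;
}
```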

Looks good! For IPCs, I think being able to scope them to Landlock domains would make sense in most cases and be easy to use. I'm not sure it would be worth it to be able to create dedicated rules.

Anyway, that's really close to #7, #8, and #29.

l0kod avatar Apr 11 '24 13:04 l0kod