Audit perms check on recv (Re: Two netlink patches)
Stephen Smalley
sds at epoch.ncsc.mil
Mon Dec 27 14:03:18 UTC 2004
On Fri, 2004-12-24 at 11:28, Serge E. Hallyn wrote:
> > The basic approach seems reasonable to me. The untested patch below
> > should change SELinux to fit with this approach; it calls the secondary
>
> Thanks. The attached patch includes this patch, but I won't be able to
> test the SELinux part until I get back to the office after next week. In
> the meantime I'll also look into taking the audit checks out of
> selinux_netlink_send() as you mentioned in the other email.
I'd hold off on removing the SELinux audit checks for now, even if they
are redundant. I think we'll need to phase them out gradually while
adjusting policy at the same time.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the Linux-audit
mailing list