[PATCH] Add audit uid to netlink credentials

Stephen Smalley sds at epoch.ncsc.mil
Wed Feb 9 13:34:39 UTC 2005


On Tue, 2005-02-08 at 01:04, Patrick McHardy wrote:
> Reception of netlink messages in the kernel happens in the context
> of the sending process, so you can simply call
> audit_get_loginuid(current->audit_context) in audit_receive_msg().

Then why does netlink_sendmsg() need to save the effective capability
set of the sender in the control buffer (via security_netlink_send) for
later checking by other receive functions in the kernel (via
security_netlink_recv)?  What prevents audit_receive() or other similar
receive functions in the kernel from processing messages sent by
multiple senders?

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency




More information about the Linux-audit mailing list