[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [PATCH] Add audit uid to netlink credentials



On Wed, 2005-02-09 at 09:50, Serge Hallyn wrote:
> CAP_AUDIT_WRITE is needed, but not CAP_AUDIT_CONTROL, which is needed to
> set the loginuid.  Of course, an LSM could check at
> security_netlink_send whether the login_uid in the payload is the same
> as the real loginuid.  Otherwise, we're wasting a (very precious)
> capability bit.
> 
> In either case, have we decided we don't want it in the netlink
> credentials after all?

If the audit subsystem truly needs to include the loginuid in audit
messages generated upon processing netlink messages, then I think it
belongs in the control buffer as per your patch.  Alexey has confirmed
that we cannot use the current task's audit context regardless.

As a side bar, a similar security field in the control buffer would
likewise be very useful so that SELinux could set the SID for use in
permission checks by receive functions.

-- 
Stephen Smalley <sds epoch ncsc mil>
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]