[PATCH] Add audit uid to netlink credentials

[David Woodhouse]

On Thu, 2005-02-10 at 07:40 -0500, Stephen Smalley wrote:
> To be precise, isn't it true that someone with only CAP_AUDIT_WRITE
> would only be able to spoof loginuids in the AUDIT_USER messages they
> generate?  The loginuid on any syscall audit messages for the task would
> still be the one associated with the task's audit context, so that would
> not be spoofable.

Correct.

-- 
dwmw2