New audit-perms patch [ Re: Audit perms check on recv ]

Casey Schaufler casey at schaufler-ca.com
Wed Jan 5 16:47:56 UTC 2005


--- Serge Hallyn <serue at us.ibm.com> wrote:

> I'm sorry, I thought that by "we are already way off
> spec" you were
> saying we shouldn't bother trying to follow the
> spec.

Well, there's the capability spec, which Linux has
tried to keep with (pretty much) and the audit spec,
which seems to be a different kettle of fish.

> I'll come back with a new patch after I go read the
> draft, because the
> meaning of CAP_AUDIT_CONTROL is not clear to me.

CAP_AUDIT_CONTROL is intended to be used for all
audit trail operations requiring privilege except
for application writing records to the audit trail.


=====
Casey Schaufler
casey at schaufler-ca.com


		
__________________________________ 
Do you Yahoo!? 
Read only the mail you want - Yahoo! Mail SpamGuard. 
http://promotions.yahoo.com/new_mail 




More information about the Linux-audit mailing list