[RFC][PATCH] loginuid through procfs (+ a question)
Steve Grubb
sgrubb at redhat.com
Thu Jan 13 23:00:24 UTC 2005
On Thursday 13 January 2005 15:45, Stephen Smalley wrote:
> David Woodhouse pointed out that no value in the uid space is reserved
> for such use.
I see places in the kernel setting -1 for uid on init, though. For example,
look at security/keys/keyctl.c
> You could introduce a separate flag indicating whether the loginuid is
> set at all, and export both the flag and the uid value, with the latter
> simply being 0 if the flag indicates that the loginuid has not been set.
If uid_t is 32 bits, I doubt anyone will have 4 billion users. -1 would work.
We can also check for that value being set through theinterface and flag it
as an error. This should probably be discussed on lkml I think. Its a system
wide policy used in different places. more people than us probably have the
same issue.
-Steve Grubb
More information about the Linux-audit
mailing list