[RFC][PATCH] loginuid through procfs (+ a question)

Steve Grubb sgrubb at redhat.com
Thu Jan 13 23:00:24 UTC 2005


On Thursday 13 January 2005 15:45, Stephen Smalley wrote:
> David Woodhouse pointed out that no value in the uid space is reserved
> for such use.  

I see places in the kernel setting -1 for uid on init, though. For example, 
look at security/keys/keyctl.c

> You could introduce a separate flag indicating whether the loginuid is
> set at all, and export both the flag and the uid value, with the latter
> simply being 0 if the flag indicates that the loginuid has not been set.

If uid_t is 32 bits, I doubt anyone will have 4 billion users. -1 would work. 
We can also check for that value being set through theinterface and flag it 
as an error. This should probably be discussed on lkml I think. Its a system 
wide policy used in different places. more people than us probably have the 
same issue.

-Steve Grubb




More information about the Linux-audit mailing list