[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

reporting loginuid on AUDIT_USER message



Based on earlier discussion, we have a few options:

  1. hack netlink to send loginuid along with credentials
  2. Get the loginuid from the task struct by pid at audit_receive_msg
(), and require the programs sending AUDIT_USER messages to make sure
that the process does not exit until a reply has been received.
  3. Have the user-space programs send loginuid (as received
from /proc/$$/loginuid) in the actual AUDIT_USER message.

Do we have a preference?  (1) is the most invasive, and would require
going through netdev, but seems the cleanest to me.  On the other hand,
we could just say we're going with (3) as a way to put off having to
make a decision...

thanks,
-serge
-- 
Serge Hallyn <serue us ibm com>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]