[PATCH] enable /proc/$$/loginuid

Stephen Smalley sds at epoch.ncsc.mil
Tue Jan 18 14:50:37 UTC 2005


On Tue, 2005-01-18 at 09:48, Steve Grubb wrote:
> On Tuesday 18 January 2005 09:30, Stephen Smalley wrote:
> > The loginuid serves no purpose for non-auditable tasks, and it
> > seems wasteful to put it into the task struct.
> 
> I thought that people writing SE Linux policy wants this information available 
> for all tasks.

We'd like to have it available for programs like newrole, but that is
run from a user session and should thus already be auditable.  Given
that an audit context is always set up unless the task is explicitly
marked non-auditable, and the only task likely to be marked
non-auditable is the audit daemon itself, I'm not sure why it matters. 
Notice that at the point where an audit context is created for the task,
we don't have any criteria for determining whether the task should be
audited other than the pid and its parent task information.  That is why
an audit context is almost always created, even if it isn't used in the
end.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency




More information about the Linux-audit mailing list