[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

IPC auditing.



There isn't a convenient place to add information about IPC objects in
the audit_context. I'm reluctant to add it -- should we just add a
freeform area for data instead?

I note that auditing of various IPC operations is already done by
avc_audit(). That lacks the actual uid/gid/permissions which the user
tried to set, but could easily have them added.

It also handles network syscalls, to a certain extent. I'm trying to
work out how best to use if for syscall auditing too...

-- 
dwmw2


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]