proc_loginuid_write() checks wrong capability?
Steve Beattie
sbeattie at suse.de
Tue Feb 6 18:27:15 UTC 2007
Hi,
Looking at the code for proc_loginuid_write() in Linus' git tree, the
capability CAP_AUDIT_CONTROL is needed to write to /proc/pid/loginuid
and generate LOGIN type records. This seems to run counter to the
capabilities(7) manpage, which suggests that CAP_AUDIT_CONTROL is to
"Enable and disable kernel auditing; change auditing filter rules;
retrieve auditing status and filtering rules", whereas CAP_AUDIT_WRITE
is to "Allow records to be written to kernel auditing log."
Should the following patch be applied, or am I misunderstanding
something? It doesn't seem quite right that anything that makes use of
pam_loginuid.so should need to be granted the capability that allows
enabling and disabling kernel auditing or changing filter rules.
Signed-off-by: Steve Beattie <sbeattie at suse.de>
---
fs/proc/base.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: kernel-linus/fs/proc/base.c
===================================================================
--- kernel-linus.orig/fs/proc/base.c
+++ kernel-linus/fs/proc/base.c
@@ -741,7 +741,7 @@ static ssize_t proc_loginuid_write(struc
ssize_t length;
uid_t loginuid;
- if (!capable(CAP_AUDIT_CONTROL))
+ if (!capable(CAP_AUDIT_WRITE))
return -EPERM;
if (current != pid_task(proc_pid(inode), PIDTYPE_PID))
Thanks.
--
Steve Beattie
SUSE Labs, Novell Inc.
<sbeattie at suse.de>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20070206/d2cb9759/attachment.sig>
More information about the Linux-audit
mailing list