On Sun, 2005-01-09 at 20:00, Serge E. Hallyn wrote:
This I was wondering about. loginuid is a uid_t, which is
kernel_uid32_t, which is an unsigned int. So I have to ask
again: do we really want to use -1 as a default?
Would it make you happier to use ~0? ;)
David Woodhouse pointed out that no value in the uid space is reserved
for such use. But it seems a bit of a stretch to use the kernel's key
management facilities for an immutable identity for audit purposes.
You could introduce a separate flag indicating whether the loginuid is
set at all, and export both the flag and the uid value, with the latter
simply being 0 if the flag indicates that the loginuid has not been set.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency