[PATCH] Uids should not be allowed to set to negative

Hello Steve, When I tried to set uid to negative, no error message was outputed and the return value was 0. In the rule list, the value of uid was also negative. Negative uid does not exist and the negative user can't be added. So, I think uids can't be set to negative. It is also strange that gid can't be set to negative, while uid can. I did as follows: #auditctl -a exit,always -F uid=-1 #auditctl -l LIST_RULES: exit,always uid=-1 (0xffffffff) syscall=all Signed-off-by: Cai Xianchao <caixianchao(a)cn.fujistu.com&gt; --- diff --git a/deprecated.c b/deprecated.c index 6bf42dd..94954a5 100644 --- a/deprecated.c +++ b/deprecated.c @@ -257,10 +257,6 @@ int audit_rule_fieldpair(struct audit_rule *rule, const char *pair, int flags) if (isdigit((char)*(v))) rule->values[rule->field_count] = strtol(v, NULL, 0); - else if (vlen >= 2 && *(v)=='-' && - (isdigit((char)*(v+1)))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); else { if (name_to_uid(v, &rule->values[rule->field_count])) { diff --git a/libaudit.c b/libaudit.c index 7d48d78..85adbc5 100644 --- a/libaudit.c +++ b/libaudit.c @@ -850,10 +850,6 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, if (isdigit((char)*(v))) rule->values[rule->field_count] = strtol(v, NULL, 0); - else if (vlen >= 2 && *(v)=='-' && - (isdigit((char)*(v+1)))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); else { if (audit_name_to_uid(v, &rule->values[rule->field_count])) {