Re: [RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring
On Wednesday, September 15, 2021 8:29:08 AM EDT Richard Guy Briggs wrote:
I was in the middle of reviewing the v2 patchset to add my acks when
I
forgot to add the comment that you still haven't convinced me that ses=
isn't needed or relevant if we are including auid=.
The session id is needed to disambiguate which login the event belongs to. It
is necessary sometimes to trace an event back to the login because it was a
remote login from an unexpected IP address.
-Steve