Re: Writting to audit with an application
On Monday 19 March 2007 15:58, geckiv wrote:
I never heard of dbus before. Is there an example how it keeps
it's
CAP_AUDIT_WRITE and changes uids?
Not without looking at its source code. Here's its patch:
http://developer.momonga-linux.org/viewvc/trunk/pkgs/dbus/dbus-0.61-selin...
nscd also does the same trick, but its coded in glibc style.
Is this just using setuid() some how?
No, there's an intricate dance regarding setuid, prctl, & capabilities
that must be followed exactly or bad things can happen.
-Steve