RE: [PATCH] Add audit uid to netlink credentials
On Thu, 2005-02-10 at 09:37 -0500, Chad Hanson wrote:
In your example of a process watching daemon, why would this daemon
want to
spoof the credentials of the watched process? I can think of two examples.
Perhaps I misunderstand the intent of userspace AUDIT_WRITE. Can you
provide examples of why you _wouldn't_ want to let a dæmon which is
already sending random unvetted AUDIT_WRITE messages also specify the
loginuid on _those_ messages?
--
dwmw2