Re: [PATCH V5 0/5] audit by executable name
On 14/10/21, Paul Moore wrote:
On Tuesday, October 21, 2014 06:19:52 PM Eric Paris wrote:
> On Tue, 2014-10-21 at 17:56 -0400, Paul Moore wrote:
> > * Change the audit_status.version field comment in
> > include/uapi/linux/audit.h to "/* audit functionality bitmap */", or
> > similar. We can't really change the structure now, but the comment is
> > fair game.
>
> Trying to think how to do things with a #define so you can rename,
> "version" is pretty darn generic to pre-process. You could make it a
> union, so userspace code and use a sane name....
Yeah, I thought about suggesting the #define approach but figured that might
just be me worrying about the color of the paint ... okay, Richard, why don't
you go ahead and change the version field name and put in a #define for
compatibility.
The #define is a nice way to work around backward compatibility.
> > Can anyone think of anything else that might be affected by
this?
>
> No one uses this stuff, just change it.
Yes, but I feel like I need to at least ask the question; how much attention I
pay to the answers is something else ...
I'm still skeptical this won't blow up... Like the capabilities bitmap
did. I suspect there isn't agreement on what constitutes a feature. We
just added a set/get features bitmap a year ago for things to be turned
on/off and locked... How does this features bitmap fit in with that
features config?
I don't disagree that a bitmap would be more useful for various
distributions to pick and choose that which they choose to support over
a version number that won't tell the whole story.
paul moore
- RGB
--
Richard Guy Briggs <rbriggs(a)redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545