Re: audit capability checks not audited

On Tuesday 17 May 2005 09:12, Steve Grubb wrote: OK. I see the problem now. In /fs/proc/base.c we have this code: 845 static ssize_t proc_loginuid_write(struct file * file, const char __user * buf, 846 size_t count, loff_t *ppos) 847 { 854 if (!capable(CAP_AUDIT_CONTROL)) 855 return -EPERM; So, this means that the pam module has to have CONTROL capabilites to set the loginuid. This is clearly not what we want. Should this be changed to WRITE or should we have another capability? Or, does anyone have another idea? -Steve