On Sun, Jan 09, 2005 at 06:04:06AM -0600, Klaus Weidner wrote:
If the kernel can't reliably access the needed information, the audit
userspace message function must be modified to work synchronously, so
that the trusted program doesn't proceed until the kernel has had a chance to
pick up the data. Keep in mind that only trusted processes can send these
messages, so it's okay to require them to follow certain rules.
Another option would be to have the trusted process explicitly include
the login UID in the message. Not very elegant but it may be less work if
the kernel can't reliably get that data.
-Klaus