Re: [PATCH] IPC_SET_PERM cleanup
On Wed, May 10, 2006 at 12:02:12PM -0500, Dustin Kirkland wrote:
What about a new field in the audit records that is a bitmask,
wherein
bits are flipped on for each field being a "new" or "updated" field?
Example:
type=IPC_SET_PERM msg=audit(1146863632.117:98): new_qbytes=0 new_iuid=501
new_igid=0 new_mode=0
becomes:
type=IPC_SET_PERM msg=audit(1146863632.117:98) new=1111: qbytes=0 iuid=501
igid=0 mode=0
I'm not sure that's really necessary, the type=IPC_SET_PERM already tells
you that these are new values. How about simply the following:
type=IPC_SET_PERM msg=audit(1146863632.117:98): qbytes=0 iuid=501 igid=0 mode=0
-Klaus