Re: Two netlink patches
Hi,
I believe a single CAP_AUDIT_CONTROL bit should suffice for defining an
MRMLOSPP-compliant audit role. I will send out a new patch asap which
also nixes cap_netlink_audit_send and just leaves the code in dummy.
Does this seem sufficient? Or do you (Chris) object to having this test
in the netlink send codepath? As far as I can see, the only legitimate
alternative would be to in fact move audit control to a different
(pseudo-fs?) interface.
thanks,
-serge
On Thu, 2004-12-16 at 07:49 -0500, Stephen Smalley wrote:
On Wed, 2004-12-15 at 18:07, Chris Wright wrote:
> * Chris Wright (chrisw(a)osdl.org) wrote:
> > CAP_SYS_AUDIT?
>
> OK, well, Posix (withdrawn draft) specifies CAP_AUDIT_CONTROL and
> CAP_AUDIT_WRITE.
Given the shortage of available capability bits, I'd think you would
only want to take at most one for audit. You can always provide
finer-grained controls via other security modules, as in SELinux's
checking upon netlink_send.
--
Serge Hallyn <serue(a)us.ibm.com>