On Wed, 2005-02-09 at 14:17 +0000, David Woodhouse wrote:
> The only time it's possibly worth verifying it is for the case where
> userspace is sending AUDIT_USER messages -- for which the process needs
> CAP_AUDIT_WRITE anyway.

CAP_AUDIT_WRITE is needed, but not CAP_AUDIT_CONTROL, which is needed to
set the loginuid. Of course, an LSM could check at
security_netlink_send whether the login_uid in the payload is the same
as the real loginuid. Otherwise, we're wasting a (very precious)
capability bit.

In either case, have we decided we don't want it in the netlink
credentials after all?

thanks,
-serge
--
Serge Hallyn <serue(a)us.ibm.com>