Re: Audit perms check on recv (Re: Two netlink patches)
On Tue, 2004-12-21 at 08:05, Stephen Smalley wrote:
With regard to a check on read-like operations, that does seem
desirable, as you don't want to let arbitrary processes list the audit
filters or get the audit daemon's pid.
Note btw that if you do end up with separate capabilities for audit read
vs. audit write operations, then you will have essentially duplicated
the SELinux nlmsg_read/nlmsg_write checking for netlink audit sockets,
and we could possibly drop the netlink audit socket case out of
selinux_nlmsg_lookup and not need to maintain the nlmsg_audit_perms
table. We would still need the checking for other kinds of netlink
sockets.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency