On Wed, 2005-01-19 at 16:25 -0500, Steve Grubb wrote:
Hi,
In audit-loginuid-proc.patch:
General comment - weren't we going to use -1 to signify its unset? I see
everything going through %u without special handling.
I thought we had decided not to introduce a special case, and to just
let 4294967295 signify unset.
I'm open to either behavior. Just let me know if we want -1.
The function proc_loginuid_read:
What if the count is too small?
I think we expect count to always be PAGE_SIZE, so really the first two
lines shouldn't even be necessary. sel_read_enforce doesn't check for
it.
Should we return an error? Are there any
worries about not changing count to be TMPBUFLEN if its too big?
I'm not sure what you mean. At what point?
In audit-netlink-loginuid.patch:
At chunk 263 & 272: auid ? was that supposed to be uid?
That was auid as in audit uid :) Maybe it should be loginuid? I do
think we want to distinguish between it and the current uid.
That's all I see...
Thanks for the comments,
-serge
--
Serge Hallyn <serue(a)us.ibm.com>