[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-audit
Subject: reporting loginuid on AUDIT_USER message
From: Serge Hallyn <serue () us ! ibm ! com>
Date: 2005-01-14 19:10:39
Message-ID: 1105729839.5651.9.camel () serge
[Download RAW message or body]
Based on earlier discussion, we have a few options:
1. hack netlink to send loginuid along with credentials
2. Get the loginuid from the task struct by pid at audit_receive_msg
(), and require the programs sending AUDIT_USER messages to make sure
that the process does not exit until a reply has been received.
3. Have the user-space programs send loginuid (as received
from /proc/$$/loginuid) in the actual AUDIT_USER message.
Do we have a preference? (1) is the most invasive, and would require
going through netdev, but seems the cleanest to me. On the other hand,
we could just say we're going with (3) as a way to put off having to
make a decision...
thanks,
-serge
--
Serge Hallyn <serue@us.ibm.com>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic