[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: Patch to cleanup audit handling in policy.
From:       Steve G <linux_4ever () yahoo ! com>
Date:       2007-04-30 14:59:14
Message-ID: 20070430145914.7790.qmail () web51502 ! mail ! re2 ! yahoo ! com
[Download RAW message or body]


>I'm not convinced that these are necessary.

The audit policy seems very broken. It allows way too much permission to
applications. The audit_control permission means that they can potentially delete
audit rules or change the loginuid. That should not be handed out like candy. 

The interfaces that Dan created allows the exact kind of permission to be applied
without having to copy and paste individual permissions which is error prone.
(There are only 4 use cases of the audit system.) Part of what makes it error
prone is the naming convention for all the pieces. Example: "audit_write" is that
for the capability, the netlink interface, or audit logs?

-Steve

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]