
Re: [PATCH] Add audit uid to netlink credentials

To: Linux Audit Discussion <linux-audit@xxxxxxxxxx>
Subject: Re: [PATCH] Add audit uid to netlink credentials
From: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
Date: Wed, 09 Feb 2005 23:56:09 +0000
Cc: Stephen Smalley <sds@xxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx, davem@xxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx
In-reply-to: <20050209153816.B24171@build.pdx.osdl.net>
References: <20050204165840.GA2320@IBM-BWN8ZTBWA01.austin.ibm.com> <1107958621.19262.524.camel@hades.cambridge.redhat.com> <1107960659.4837.9.camel@serge> <1107973381.17568.97.camel@moss-spartans.epoch.ncsc.mil> <20050209103747.Y24171@build.pdx.osdl.net> <1107974448.17568.108.camel@moss-spartans.epoch.ncsc.mil> <20050209153816.B24171@build.pdx.osdl.net>
Sender: netdev-bounce@xxxxxxxxxxx
On Wed, 2005-02-09 at 15:38 -0800, Chris Wright wrote:
>> So you also think it should be in the payload?  That would require
>> security_netlink_send to dig into the payload if we wanted to control
>> who can specify other loginuids, as Serge noted.
>
>I just don't see it making sense to add another credential for a special
>case.  The signal code already peeks into the siginfo struct when queueing
>a signal to make sure some user isn't trying to send si_code == SI_KERNEL
>or similar.  Perhaps audit could do that with its own payload during send.
>No matter how we slice it, it's a special case.

I'm not entirely sure the check is needed anyway. This is a trusted
application sending audit messages. Why shouldn't it be permitted to log
auditable events which were triggered by someone _else_? 

If we want to audit the actions of the userspace logging dæmon itself
and see what it sends, then we can quite happily do so within the audit
framework. That's a _different_ issue, surely?

-- 
dwmw2

