| To: | Linux Audit Discussion <linux-audit@xxxxxxxxxx> |
|---|---|
| Subject: | RE: [PATCH] Add audit uid to netlink credentials |
| From: | David Woodhouse <dwmw2@xxxxxxxxxxxxx> |
| Date: | Thu, 10 Feb 2005 14:56:36 +0000 |
| Cc: | Chris Wright <chrisw@xxxxxxxx>, netdev@xxxxxxxxxxx, davem@xxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx |
| In-reply-to: | <36282A1733C57546BE392885C06185927377BE@chaos.tcs.tcs-sec.com> |
| References: | <36282A1733C57546BE392885C06185927377BE@chaos.tcs.tcs-sec.com> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Thu, 2005-02-10 at 09:37 -0500, Chad Hanson wrote: > In your example of a process watching daemon, why would this daemon want to > spoof the credentials of the watched process? I can think of two examples. Perhaps I misunderstand the intent of userspace AUDIT_WRITE. Can you provide examples of why you _wouldn't_ want to let a dÃmon which is already sending random unvetted AUDIT_WRITE messages also specify the loginuid on _those_ messages? -- dwmw2 |
| Previous by Date: | RE: [PATCH] Add audit uid to netlink credentials, Chad Hanson |
|---|---|
| Next by Date: | RE: [PATCH] Add audit uid to netlink credentials, Chad Hanson |
| Previous by Thread: | RE: [PATCH] Add audit uid to netlink credentials, Chad Hanson |
| Next by Thread: | Re: [PATCH] Add audit uid to netlink credentials, Klaus Weidner |
| Indexes: | [Date] [Thread] [Top] [All Lists] |