| To: | Linux Audit Discussion <linux-audit@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] Add audit uid to netlink credentials |
| From: | Stephen Smalley <sds@xxxxxxxxxxxxxx> |
| Date: | Wed, 09 Feb 2005 08:34:39 -0500 |
| Cc: | "Serge E. Hallyn" <serue@xxxxxxxxxx>, netdev@xxxxxxxxxxx, davem@xxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx |
| In-reply-to: | <Pine.LNX.4.62.0502080658310.32526@xxxxxxxxxxxxxxxxxx> |
| Organization: | National Security Agency |
| References: | <20050204165840.GA2320@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.62.0502080658310.32526@xxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Tue, 2005-02-08 at 01:04, Patrick McHardy wrote: > Reception of netlink messages in the kernel happens in the context > of the sending process, so you can simply call > audit_get_loginuid(current->audit_context) in audit_receive_msg(). Then why does netlink_sendmsg() need to save the effective capability set of the sender in the control buffer (via security_netlink_send) for later checking by other receive functions in the kernel (via security_netlink_recv)? What prevents audit_receive() or other similar receive functions in the kernel from processing messages sent by multiple senders? -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH 2/2] ipv4 routing: multipath with cache support, 2.6.10-rc3, Einar Lück |
|---|---|
| Next by Date: | Re: [PATCH] Add audit uid to netlink credentials, Patrick McHardy |
| Previous by Thread: | Re: [PATCH] Add audit uid to netlink credentials, Patrick McHardy |
| Next by Thread: | Re: [PATCH] Add audit uid to netlink credentials, Patrick McHardy |
| Indexes: | [Date] [Thread] [Top] [All Lists] |