More PATH fallout. Who decided this was a good idea?
Steve Grubb
sgrubb at redhat.com
Sat Dec 6 18:07:13 UTC 2008
On Saturday 06 December 2008 12:59:33 Jesse Keating wrote:
> Er, so you have to be root, in order to be audited?
No, you have to have CAP_AUDIT_WRITE to send audit events.
> Doesn't that sound rather um... bad planning?
No, its working rather well.
> Doesn't that mean a non-root user can bang on a binary all day long and
> never get audited?
Nope, we took the perms away. Problem solved. :)
-Steve
More information about the fedora-devel-list
mailing list