Two netlink patches
Chris Wright
chrisw at osdl.org
Wed Dec 15 22:47:23 UTC 2004
* Serge E. Hallyn (serue at us.ibm.com) wrote:
> The problem with this is that audit admin != sysadmin, so we
> instantly preventing linux from achieving, say, MRMLOSPP. But
> if we just replace "if (!capable()) err = -EPERM" with a new
> lsm hook, then we can still consolidate some of the code in
> audit_netlink_ok(nlh).
>
> thoughts?
CAP_SYS_AUDIT?
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
More information about the Linux-audit
mailing list