[RFC][PATCH] (#7U2) [linux-2.6.12-rc2-mm1] file system auditing
Steve Grubb
sgrubb at redhat.com
Mon Apr 25 21:01:30 UTC 2005
On Saturday 23 April 2005 01:09, Timothy R. Chavez wrote:
> diff -Nurp linux-2.6.12-rc2-mm1~orig/kernel/audit.c
> linux-2.6.12-rc2-mm1~audit/kernel/audit.c ---
> linux-2.6.12-rc2-mm1~orig/kernel/audit.c 2005-04-11 14:15:36.000000000
> +0000 +++ linux-2.6.12-rc2-mm1~audit/kernel/audit.c 2005-04-21
> 20:58:37.000000000 +0000 @@ -322,6 +322,8 @@ static int
> audit_netlink_ok(kernel_cap_t
> case AUDIT_SET:
> case AUDIT_ADD:
> case AUDIT_DEL:
> + case AUDIT_WATCH_INS:
> + case AUDIT_WATCH_REM:
> if (!cap_raised(eff_cap, CAP_AUDIT_CONTROL))
> err = -EPERM;
> break;
Don't you really want to add AUDIT_WATCH_LIST to this?
-Steve
More information about the Linux-audit
mailing list