New audit-perms patch [ Re: Audit perms check on recv ]
Casey Schaufler
casey at schaufler-ca.com
Thu Jan 6 16:21:32 UTC 2005
--- Stephen Smalley <sds at epoch.ncsc.mil> wrote:
> I actually got the impression (possibly wrong) from
> Casey's posting that
> the desired associations were CAP_AUDIT_WRITE for
> AUDIT_USER only, and
> CAP_AUDIT_CONTROL for all other operations, even
> AUDIT_GET and
> AUDIT_LIST (and AUDIT_LOGIN).
This is correct.
> That allows
> applications to write records
> to the audit trail without any other access.
This is correct.
> Of
> course, it means that
> login would be able to arbitrarily control auditing,
> since it needs
> AUDIT_LOGIN.
Login is a critical component in the system
security policy enforcement. It can be expected
to undergo sufficient analysis and review to
ensure that abuse of the audit system is unlikely.
=====
Casey Schaufler
casey at schaufler-ca.com
__________________________________
Do you Yahoo!?
Meet the all-new My Yahoo! - Try it today!
http://my.yahoo.com
More information about the Linux-audit
mailing list