Audit capability patch

Stephen Smalley sds at epoch.ncsc.mil
Fri Jan 14 21:59:57 UTC 2005


On Fri, 2005-01-14 at 16:43, Serge E. Hallyn wrote:
> Thanks.  New patch attached.
> 
> Changelog:
>   1/14/2005: remove redundant message length checks.
>   1/14/2005: return -EINVAL on non-audit message
>   1/14/2005: removed/inlined netlink_get_msgtype() function.

- Comments before audit_netlink_ok() are no longer accurate.
- Comment for default case in audit_netlink_ok() says permission denied
but error is EINVAL, so one or the other needs to change.
- Comment added to the later default case (no longer needed) seems bad,
i.e. patch either should not add the comment or should remove the case,
take your pick.
- You could just pass the eff_cap to audit_netlink_ok() rather than the
entire skb.

Otherwise, good to go.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency




More information about the Linux-audit mailing list