repost of loginuid patches

Stephen Smalley sds at epoch.ncsc.mil
Thu Jan 27 13:43:01 UTC 2005


On Wed, 2005-01-19 at 19:15, Serge Hallyn wrote:
> I thought we had decided not to introduce a special case, and to just
> let 4294967295 signify unset.
> 
> I'm open to either behavior.  Just let me know if we want -1.

I think that handling it with %u is fine, and comparing against
(uid_t)-1 in userspace.

> I think we expect count to always be PAGE_SIZE, so really the first two
> lines shouldn't even be necessary.  sel_read_enforce doesn't check for
> it.

simple_read_from_buffer() makes sure that you don't overflow, and if the
caller provides too small of a buffer, it is up to him to continue
reading until he hits the end of the "file".  I think this code should
be simplified along the lines of sel_read_enforce.  Did you mean to use
scnprintf?

You'll want consistency, either auid or loginuid, not a mix.  loginuid
is more consistent with the existing code.

Minor nit: In the AUDIT_USER messages, I'd put the loginuid right after
the uid, not after the length (which is logically coupled with the msg).

Otherwise, I'd encourage you to take these to lkml.

-- 
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
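
An added example, not part of the original message or the posted patches: a userspace reader for the two points discussed above. It treats a value printed with %u as unset when it equals (uid_t)-1, and it keeps reading until the end of the "file". The path /proc/self/loginuid and the names parse_loginuid, read_loginuid_fd and LOGINUID_UNSET are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

#define LOGINUID_UNSET ((uid_t)-1) /* the kernel's %u prints this as 4294967295 */

/* Parse the decimal text; 0 on success, -1 unless it is a plain 32-bit %u value. */
static int parse_loginuid(const char *text, uid_t *out)
{
    char *end;
    if (*text < '0' || *text > '9') /* rejects "", "-1", "+1", leading blanks */
        return -1;
    errno = 0;
    unsigned long long v = strtoull(text, &end, 10);
    if (errno != 0 || v > 0xffffffffULL) /* does not fit a 32-bit uid_t */
        return -1;
    if (*end != '\0' && !(end[0] == '\n' && end[1] == '\0'))
        return -1; /* only one trailing newline is tolerated */
    *out = (uid_t)v;
    return 0;
}

/* Keep calling read() until end of "file": one call may return only part of it. */
static int read_loginuid_fd(int fd, uid_t *out)
{
    char buf[32];
    size_t used = 0;
    ssize_t n;
    /* A full buffer makes the count 0, so read() returns 0 and the loop ends. */
    while ((n = read(fd, buf + used, sizeof(buf) - 1 - used)) != 0) {
        if (n < 0 && errno != EINTR)
            return -1;
        if (n > 0)
            used += (size_t)n;
    }
    buf[used] = '\0';
    return parse_loginuid(buf, out);
}

int main(void)
{
    uid_t u;
    int fd = open("/proc/self/loginuid", O_RDONLY); /* assumed path, not from the thread */
    if (fd < 0 || read_loginuid_fd(fd, &u) != 0)
        return 1;
    if (u == LOGINUID_UNSET)
        return puts("loginuid: unset") < 0;
    return printf("loginuid: %u\n", (unsigned)u) < 0;
}
```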



