repost of loginuid patches
Stephen Smalley
sds at epoch.ncsc.mil
Thu Jan 27 13:43:01 UTC 2005
On Wed, 2005-01-19 at 19:15, Serge Hallyn wrote:
> I thought we had decided not to introduce a special case, and to just
> let 4294967295 signify unset.
>
> I'm open to either behavior. Just let me know if we want -1.
I think that handling it with %u is fine, and comparing against
(uid_t)-1 in userspace.
> I think we expect count to always be PAGE_SIZE, so really the first two
> lines shouldn't even be necessary. sel_read_enforce doesn't check for
> it.
simple_read_from_buffer() makes sure that you don't overflow, and if the
caller provides too small of a buffer, it is up to him to continue
reading until he hits the end of the "file". I think this code should
be simplified along the lines of sel_read_enforce. Did you mean to use
scnprintf?
You'll want consistency, either auid or loginuid, not a mix. loginuid
is more consistent with the existing code.
Minor nit: In the AUDIT_USER messages, I'd put the loginuid right after
the uid, not after the length (which is logically coupled with the msg).
Otherwise, I'd encourage you to take these to lkml.
--
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the Linux-audit
mailing list