[RFC][PATCH] add security label to user messages
Timothy R. Chavez
tinytim at us.ibm.com
Mon Jan 16 15:44:13 UTC 2006
On Sat, 2006-01-14 at 07:46 -0500, Steve Grubb wrote:
> On Friday 13 January 2006 19:49, Timothy R. Chavez wrote:
> > @@ -464,6 +468,13 @@ static int audit_receive_msg(struct sk_b
> > "user pid=%d uid=%u
> > auid=%u msg='%.1024s'", pid, uid, loginuid, (char *)data);
> > audit_set_pid(ab, pid);
> > + read_lock(&tasklist_lock);
> > + tsk = find_task_by_pid(pid);
>
> Looks good except...netlink is an async protocol. The pid that sent the
> netlink packet may have been replaced by another process with the same pid by
> the time we receive the packet. Seems like we need to collect and use the sid
> at send time just like we do the loginuid.
>
> -Steve
Aye, good point. Hmmmmm....
-tim
More information about the Linux-audit
mailing list