[PATCH] Reporting file descriptors created by pipe and socketpair
Alexander Viro
aviro at redhat.com
Tue Sep 12 19:12:25 UTC 2006
On Tue, Sep 12, 2006 at 02:25:50PM -0400, John D. Ramsdell wrote:
> Alexander Viro <aviro at redhat.com> writes:
>
> > c) just how do you propose to do "tracking file descriptors"?
>
> We aren't proposing to track file descriptors. We already have code
> that does that
Indeed? And how, pray tell, do you handle e.g. processes A and B sending
SCM_RIGHTS datagrams to C at the same moment? With data part containing
the indication which process had sent them, so C can handle them just
fine and do that in different ways depending on the origin of datagram.
Note that looking at the timestamps will not help you at all - you can
get
A enters sendmsg(2)
B enters sendmsg(2)
B puts datagram into queue
A puts datagram into queue
A leaves sendmsg(2)
B leaves sendmsg(2)
quite easily.
More information about the Linux-audit
mailing list