[PATCH] Uids should not be allowed to set to negative
Steve Grubb
sgrubb at redhat.com
Fri Aug 8 13:53:40 UTC 2008
On Friday 08 August 2008 09:25:09 Eric Paris wrote:
> > It is also strange that gid can't be set to negative, while uid can.
>
> Its not the same code that matches uid and auid is it? auid can
> reasonably be negative for anything that wasn't done from a login shell.
> just want to make sure you don't lose that ability.
That's true. But unfortunately, we have to give the uid as the unsigned value
or we lose a bit in the conversion and it doesn't match. On second thought,
maybe we can't do negative uids from user space because of that conversion to
unsigned inside the rule matching engine.
-Steve
More information about the Linux-audit
mailing list