Granting CAP_AUDIT_WRITE to X/dbus/...
Laurent Bigonville
bigon at debian.org
Mon Sep 15 11:20:03 UTC 2014
Hello,
I was wondering now that the xserver can run as non-root shouldn't the
CAP_WRITE_AUDIT file capability be set on the Xorg executable? Same
question for AVC denials logging with dbus session bus[0]?
And in general, does anybody has an opinion about giving this
capability to $random executable?
Cheers,
Laurent Bigonville
[0] See: https://bugs.freedesktop.org/show_bug.cgi?id=83856
More information about the Linux-audit
mailing list