On Sat, 2005-01-15 at 15:07, Serge E. Hallyn wrote:
> The audit control messages are sent over netlink. Permission checks
> are done on the process receiving the message, which may not be the
> same as the process sending the message. This patch switches the
> netlink_send security hooks to calculate the effective capabilities
> based on the sender. Then audit_receive_msg performs capability checks
> based on that.
>
> It also introduces the CAP_AUDIT_WRITE and CAP_AUDIT_CONTROL capabilities,
> and replaces the previous CAP_SYS_ADMIN checks in audit code with the
> appropriate checks.
>
> Please apply.
>
> Changelog:
> 1/15/2005: Simplified dummy_netlink_send given that dummy now
> keeps track of capabilities.
> 1/14/2005: Many fixes based on feedback from [EMAIL PROTECTED]
> list.
> 1/14/2005: Removed the netlink_msg_type helper function.
> 1/07/2005: Switch to using CAP_AUDIT_WRITE and CAP_AUDIT_CONTROL.
>
> thanks,
> -serge
>
> Signed-off-by: Serge Hallyn <[EMAIL PROTECTED]>

Signed-off-by: Stephen Smalley <[EMAIL PROTECTED]>

--
Stephen Smalley <[EMAIL PROTECTED]>
National Security Agency
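
A userspace C model of the check placement described in the quoted message, added here as an illustration and not code from the patch or the kernel. The message kinds, struct names and helper functions are hypothetical; only the two capability bit numbers are the values from `<linux/capability.h>`.

```c
#include <stdint.h>
#include <stdio.h>

/* Capability bit numbers as defined in <linux/capability.h>. */
#define CAP_AUDIT_WRITE   29
#define CAP_AUDIT_CONTROL 30
#define CAP_BIT(c) (UINT32_C(1) << (c))

/* Hypothetical message classes for this model, not the kernel's AUDIT_* types. */
enum msg_kind { MSG_CONTROL, MSG_WRITE };

struct task { const char *name; uint32_t cap_effective; };

/* Model of a queued message: the sender's effective set travels with it. */
struct msg { enum msg_kind kind; uint32_t eff_cap; };

/* Constructed sample tasks. */
static const struct task unpriv = { "unprivileged", 0 };
static const struct task writer = { "log writer", CAP_BIT(CAP_AUDIT_WRITE) };
static const struct task auditd = { "audit daemon",
    CAP_BIT(CAP_AUDIT_CONTROL) | CAP_BIT(CAP_AUDIT_WRITE) };

static uint32_t needed_cap(enum msg_kind kind)
{
    return kind == MSG_CONTROL ? CAP_BIT(CAP_AUDIT_CONTROL)
                               : CAP_BIT(CAP_AUDIT_WRITE);
}

/* Send-side hook: snapshot the sender's effective capabilities at send time. */
static struct msg model_send(const struct task *sender, enum msg_kind kind)
{
    struct msg m = { kind, sender->cap_effective };
    return m;
}

/* Returns 1 if the message is accepted. check_sender == 0 models a check
 * against the task running the receive path; 1 models a check against the
 * capabilities recorded in the message. */
static int deliver(const struct task *sender, const struct task *receiver,
                   enum msg_kind kind, int check_sender)
{
    struct msg m = model_send(sender, kind);
    uint32_t caps = check_sender ? m.eff_cap : receiver->cap_effective;
    return (caps & needed_cap(m.kind)) != 0;
}

int main(void)
{
    printf("receiver-based: %d, sender-based: %d\n",
           deliver(&unpriv, &auditd, MSG_CONTROL, 0),
           deliver(&unpriv, &auditd, MSG_CONTROL, 1));
    return 0;
}
```

With the receiver-based check, a control message from a task with no capabilities is accepted whenever the receiving context happens to hold CAP_AUDIT_CONTROL; with the sender-based check it is rejected regardless of who receives it.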

