Re: [PATCH][RFC] audit: log namespace inode numbers

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Stephan Mueller <stephan.mueller@atsec.com>
To: Richard Guy Briggs <rgb@redhat.com>
Cc: linux-audit@redhat.com
Subject: Re: [PATCH][RFC] audit: log namespace inode numbers
Date: Tue, 07 Jan 2014 07:07:58 +0100	[thread overview]
Message-ID: <12215179.NadLEXGm6c@tauon> (raw)
In-Reply-To: <958ab728049c1adb674eeda3cbb2fc3e0774ab98.1387596015.git.rgb@redhat.com>

Am Freitag, 20. Dezember 2013, 22:32:29 schrieb Richard Guy Briggs:

Hi Richard,

>Log the namespace details of a task.
>---
>
>Does anyone have comments on this patch?
>
>I'm looking for guidance on which types of messages should have
>namespace information included.  I've included too many, I suspect.
>
>I also wonder if displaying these inode numbers in hexadecimal makes
>more sense than decimal, since they are all based around 0xF0000000. 
>These are all with reference to the proc filesystem, so a device
>number should not be necessary to qualify them.

I have a general question: why do you sprinkle so many callbacks to audit_log_namespace_info throughout the code? As namespaces apply only to the acting entities, i.e. the processes, wouldn't it be sufficient to only add it to audit_log_task_context? So, everywhere where the context is needed in the audit trail, we log something about the credentials of the process.

Ciao
Stephan

next prev parent reply	other threads:[~2014-01-07  6:08 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-12-21  3:32 [PATCH][RFC] audit: log namespace inode numbers Richard Guy Briggs
2013-12-21  9:01 ` William Roberts
2014-01-14  3:08   ` Eric Paris
2014-01-14 18:59     ` Richard Guy Briggs
2014-01-07  6:07 ` Stephan Mueller [this message]
2014-01-07 17:43   ` Richard Guy Briggs

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=12215179.NadLEXGm6c@tauon \
    --to=stephan.mueller@atsec.com \
    --cc=linux-audit@redhat.com \
    --cc=rgb@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.