From mboxrd@z Thu Jan  1 00:00:00 1970
From: Richard Guy Briggs <rgb@redhat.com>
Subject: Re: [PATCH V5 0/5] audit by executable name
Date: Wed, 29 Oct 2014 21:17:04 -0400
Message-ID: <20141030011704.GR20866@madcap2.tricolour.ca>
References: <cover.1412303728.git.rgb@redhat.com> <13346524.UcV0TUOQcF@sifl>
	<20141029194840.GL20866@madcap2.tricolour.ca>
	<10404139.lj6aruQcWX@x2>
	<20141029215442.GQ20866@madcap2.tricolour.ca>
	<1414627149.18727.2.camel@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
Content-Disposition: inline
In-Reply-To: <1414627149.18727.2.camel@localhost>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Eric Paris <eparis@redhat.com>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On 14/10/29, Eric Paris wrote:
> On Wed, 2014-10-29 at 17:54 -0400, Richard Guy Briggs wrote:
> > On 14/10/29, Steve Grubb wrote:
> > > On Wednesday, October 29, 2014 03:48:40 PM Richard Guy Briggs wrote:
> > > > On 14/10/21, Paul Moore wrote:
> > > > > > > Can anyone think of anything else that might be affected by this?
> > > > > > 
> > > > > > No one uses this stuff, just change it.
> > > > > 
> > > > > Yes, but I feel like I need to at least ask the question; how much
> > > > > attention I pay to the answers is something else ...
> > > > 
> > > > I'm still skeptical this won't blow up...  Like the capabilities bitmap
> > > > did.  I suspect there isn't agreement on what constitutes a feature.
> > > 
> > > Anything major that user space would have to know about to determine if its 
> > > supported. If you don't know, just ask if we need to add a bit to the bitmap. 
> > > Some examples, adding the object comparison engine, adding the loginuid-
> > > immutable feature, if we added filtering on TTY that would also qualify (not 
> > > asking for that). Otherwise, user space get EINVAL on the netlink operation 
> > > which is not useful in explaining why the command was rejected.
> > 
> > Well, I guess this falls under Linus' "thou shalt not break userspace",
> > but it would certainly be tempting to change some of those to
> > EOPNOTSUPP.
> 
> You only break userspace if something breaks   :)

So which scratch monkey do we mount before sending it upstream?

We saw how actually allowing CAP_AUDIT_WRITE from non-init PID
namespaces backfired on us in stuff which didn't use audit before...

- RGB

--
Richard Guy Briggs <rbriggs@redhat.com>
Senior Software Engineer, Kernel Security, AMER ENG Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635, Alt: +1.613.693.0684x3545