From: Chris Wright <chrisw@osdl.org>
To: Linux Audit Discussion <linux-audit@redhat.com>
Cc: netdev@oss.sgi.com, davem@davemloft.net, kuznet@ms2.inr.ac.ru
Subject: Re: [PATCH] Add audit uid to netlink credentials
Date: Wed, 9 Feb 2005 10:37:47 -0800 [thread overview]
Message-ID: <20050209103747.Y24171@build.pdx.osdl.net> (raw)
In-Reply-To: <1107973381.17568.97.camel@moss-spartans.epoch.ncsc.mil>; from sds@epoch.ncsc.mil on Wed, Feb 09, 2005 at 01:23:01PM -0500
* Stephen Smalley (sds@epoch.ncsc.mil) wrote:
> On Wed, 2005-02-09 at 09:50, Serge Hallyn wrote:
> > CAP_AUDIT_WRITE is needed, but not CAP_AUDIT_CONTROL, which is needed to
> > set the loginuid. Of course, an LSM could check at
> > security_netlink_send whether the login_uid in the payload is the same
> > as the real loginuid. Otherwise, we're wasting a (very precious)
> > capability bit.
> >
> > In either case, have we decided we don't want it in the netlink
> > credentials after all?
>
> If the audit subsystem truly needs to include the loginuid in audit
> messages generated upon processing netlink messages, then I think it
> belongs in the control buffer as per your patch. Alexey has confirmed
> that we cannot use the current task's audit context regardless.
>
> As a side bar, a similar security field in the control buffer would
> likewise be very useful so that SELinux could set the SID for use in
> permission checks by receive functions.
This means sendmsg hook would set the SID? And in that case, you'd
stomp on loginuid for audit messages unless they are special cased.
The loginuid is special case to audit, it doesn't make sense to me that
it is in generic netlink_skb_parms structure unless it's used by more
netlink users.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
next prev parent reply other threads:[~2005-02-09 18:37 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-04 16:58 [PATCH] Add audit uid to netlink credentials Serge E. Hallyn
2005-02-08 6:04 ` Patrick McHardy
2005-02-09 13:34 ` Stephen Smalley
2005-02-09 14:10 ` Patrick McHardy
2005-02-09 14:19 ` Alexey Kuznetsov
2005-02-09 16:49 ` Alexey Kuznetsov
2005-02-09 18:52 ` Patrick McHardy
2005-02-09 18:53 ` Stephen Smalley
2005-02-09 14:17 ` David Woodhouse
2005-02-09 14:50 ` Serge Hallyn
2005-02-09 18:23 ` Stephen Smalley
2005-02-09 18:37 ` Chris Wright [this message]
2005-02-09 18:40 ` Stephen Smalley
2005-02-09 23:38 ` Chris Wright
2005-02-09 23:56 ` David Woodhouse
2005-02-10 0:19 ` Chris Wright
2005-02-10 9:20 ` David Woodhouse
2005-02-10 12:40 ` Stephen Smalley
2005-02-10 12:49 ` David Woodhouse
2005-02-10 17:14 ` Chris Wright
2005-02-10 1:11 ` Chris Wright
2005-02-10 12:36 ` Stephen Smalley
2005-02-10 12:51 ` Stephen Smalley
-- strict thread matches above, loose matches on Subject: below --
2005-02-10 14:37 Chad Hanson
2005-02-10 14:56 ` David Woodhouse
2005-02-10 17:52 ` Klaus Weidner
2005-02-10 18:10 ` Casey Schaufler
2005-02-10 19:26 ` Klaus Weidner
2005-02-10 15:16 Chad Hanson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050209103747.Y24171@build.pdx.osdl.net \
--to=chrisw@osdl.org \
--cc=davem@davemloft.net \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-audit@redhat.com \
--cc=netdev@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).