Re: Is CAP_SYS_ADMIN checked by every program !?

From: Bernd Eckenfels
Date: Thu Dec 30 2004 - 01:14:52 EST

Next message: Folkert van Heusden: "[2.6.9] kernel BUG at mm/rmap.c:474! (more details)"
Previous message: aryix: "dmesg: PCI interrupts are no longer routed automatically........."
In reply to: Valdis . Kletnieks: "Re: Is CAP_SYS_ADMIN checked by every program !?"
Next in thread: Tetsuo Handa: "Re: Is CAP_SYS_ADMIN checked by every program !?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <200412300546.iBU5kVie023979@xxxxxxxxxxxxxxxxxxxxxxx> you wrote:
> If you actually log your kernel messages it can matter, if every single
> process suddenly starts dumping a line in your syslogs, especially on a
> busy system...

It does not, the patch is not part of the linux kernel. There is nothing
which is tracing permission checks.

Of course this might become interesting, if you want to do full audit log,
however the current functionality in the kernel infrastructure is not very
well suited for that, since you would habe to do stack analysis for
meaningful traces (like "who checked access permission, why")

Gruss
Bernd
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Folkert van Heusden: "[2.6.9] kernel BUG at mm/rmap.c:474! (more details)"
Previous message: aryix: "dmesg: PCI interrupts are no longer routed automatically........."
In reply to: Valdis . Kletnieks: "Re: Is CAP_SYS_ADMIN checked by every program !?"
Next in thread: Tetsuo Handa: "Re: Is CAP_SYS_ADMIN checked by every program !?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]