Re: [PATCH] Fix audit control message checks

From: Chris Wright
Date: Tue Jan 18 2005 - 14:32:06 EST


* Stephen Smalley (sds@xxxxxxxxxxxxxx) wrote:
> On Sat, 2005-01-15 at 15:07, Serge E. Hallyn wrote:
> > The audit control messages are sent over netlink. Permission checks
> > are done on the process receiving the message, which may not be the
> > same as the process sending the message. This patch switches the
> > netlink_send security hooks to calculate the effective capabilities
> > based on the sender. Then audit_receive_msg performs capability checks
> > based on that.
> >
> > It also introduces the CAP_AUDIT_WRITE and CAP_AUDIT_CONTROL capabilities,
> > and replaces the previous CAP_SYS_ADMIN checks in audit code with the
> > appropriate checks.
> >
> > Please apply.
> >
> > Changelog:
> > 1/15/2005: Simplified dummy_netlink_send given that dummy now
> > keeps track of capabilities.
> > 1/14/2005: Many fixes based on feedback from linux-audit@xxxxxxxxxx
> > list.
> > 1/14/2005: Removed the netlink_msg_type helper function.
> > 1/07/2005: Switch to using CAP_AUDIT_WRITE and CAP_AUDIT_CONTROL.
> >
> > thanks,
> > -serge
> >
> > Signed-off-by: Serge Hallyn <serue@xxxxxxxxxx>
>
> Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxxx>

Signed-off-by: Chris Wright <chrisw@xxxxxxxx>

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
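
The receiver-versus-sender check described in the quoted patch summary, as a small userspace model. This is an added example, not code from the patch or the kernel; the struct names, the two message classes and the function names are hypothetical, and only the two capability names come from the message.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit numbers of the two capabilities named in the patch description. */
#define CAP_AUDIT_WRITE   29
#define CAP_AUDIT_CONTROL 30
#define CAP_BIT(c) ((uint32_t)1 << (c))

/* Hypothetical message classes for this model (not kernel constants). */
enum msg_type { MSG_USER_RECORD, MSG_CHANGE_CONFIG };

struct task { const char *name; uint32_t eff_caps; };

/* Model of a queued message: the sender's effective capabilities are
 * recorded at send time and travel with the message. */
struct msg { enum msg_type type; uint32_t sender_eff_caps; };

struct msg model_send(const struct task *sender, enum msg_type type)
{
    struct msg m = { type, sender->eff_caps };
    return m;
}

int required_cap(enum msg_type type)
{
    return type == MSG_CHANGE_CONFIG ? CAP_AUDIT_CONTROL : CAP_AUDIT_WRITE;
}

/* Flawed check: consults whichever task happens to process the message. */
int check_receiver(const struct task *receiver, const struct msg *m)
{
    return (receiver->eff_caps & CAP_BIT(required_cap(m->type))) != 0;
}

/* Corrected check: consults the capabilities recorded for the sender. */
int check_sender(const struct msg *m)
{
    return (m->sender_eff_caps & CAP_BIT(required_cap(m->type))) != 0;
}

int main(void)
{
    /* Constructed sample tasks: an unprivileged sender, a privileged receiver. */
    struct task user = { "user", 0 };
    struct task auditd = { "auditd", CAP_BIT(CAP_AUDIT_CONTROL) | CAP_BIT(CAP_AUDIT_WRITE) };
    struct msg m = model_send(&user, MSG_CHANGE_CONFIG);
    printf("%s -> %s: receiver check=%d, sender check=%d\n",
           user.name, auditd.name, check_receiver(&auditd, &m), check_sender(&m));
    return 0;
}
```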