Re: [PATCH] LSM hooks for audit

From: Serge Hallyn (serue@private)
Date: Fri Sep 17 2004 - 10:19:08 PDT

Previous message: B5$B2/: "*****SPAM***** $B!vL$>5Bz(B&$B>5Bz9-9p"#(B6$B@iK|1_>Z5rM-<}F~J}K!$"$j$^$9"#(B3$B2/1_!"(B5$B2/1_<}F~<TB3=P>Z5r3NG'(B$B$G$-$^$9"#G/6b$O(B8$B@iK|1_$G0B?4(B$B"#7J5$2sI|3+;O$N;~$3$=%A%c%s%9(B"
In reply to: Stephen Smalley: "Re: [PATCH] LSM hooks for audit"
Next in thread: Chad Hanson: "RE: [PATCH] LSM hooks for audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Attached is a patch which moves the audit control authorization checks
to the netlink send side.  They are automatically performed from the
dummy and capability LSM's, and if no LSMs are loaded.  Based on this
patch, there would be no explicit LSM support for audit control, but the
audit_get_msgtype(sk, skb) function can be used by LSM's to keep their
security_netlink_send functions at least a little cleaner.

thanks,
-serge

-- 
=======================================================
Serge Hallyn
Security Software Engineer, IBM Linux Technology Center
serue@private

text/x-patch attachment: linux-2.6.8.1-auditfix.diff__charset_UTF-8

Previous message: B5$B2/: "*****SPAM***** $B!vL$>5Bz(B&$B>5Bz9-9p"#(B6$B@iK|1_>Z5rM-<}F~J}K!$"$j$^$9"#(B3$B2/1_!"(B5$B2/1_<}F~<TB3=P>Z5r3NG'(B$B$G$-$^$9"#G/6b$O(B8$B@iK|1_$G0B?4(B$B"#7J5$2sI|3+;O$N;~$3$=%A%c%s%9(B"
In reply to: Stephen Smalley: "Re: [PATCH] LSM hooks for audit"
Next in thread: Chad Hanson: "RE: [PATCH] LSM hooks for audit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Sep 17 2004 - 09:12:15 PDT