Stephen Smalley <sds@tycho.nsa.gov> wrote: > Precisely when to use one identity vs. the other though isn't always > clear, and the potential for accidental divergence is also a concern. What should auditing use in audit_filter_rules() when dealing with AUDIT_SUBJ_* cases? Should the SUBJ cases use the subjective SID and the AUDIT_OBJ_* cases use the objective SID? On the other hand AUDIT_OBJ_* cases don't seem to have anything to do with tasks. David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- From: Casey Schaufler <casey@schaufler-ca.com>
- Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- From: Stephen Smalley <sds@tycho.nsa.gov>
- Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- References:
- Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- From: Stephen Smalley <sds@tycho.nsa.gov>
- [PATCH 0/3] Introduce credential record
- From: David Howells <dhowells@redhat.com>
- [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- From: David Howells <dhowells@redhat.com>
- Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- From: "Serge E. Hallyn" <serge@hallyn.com>
- Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- Prev by Date: Re: realtime preemption performance difference
- Next by Date: Re: Network slowdown due to CFS
- Previous by thread: Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- Next by thread: Re: [PATCH 2/3] CRED: Split the task security data and move part of it into struct cred
- Index(es):
 |