projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c608973) | patch
audit: Limit audit requests to processes in the initial pid and user namespaces.
authorEric W. Biederman <ebiederm@xmission.com>
Tue, 11 Sep 2012 06:20:20 +0000 (23:20 -0700)
committerEric W. Biederman <ebiederm@xmission.com>
Tue, 18 Sep 2012 00:38:42 +0000 (17:38 -0700)
commit34e36d8ecbd958bc15f8e63deade1227de337eb1
tree2b6f98480e7a035c2910e39d68ca1ff453a98f89tree | snapshot (tar.gz zip)
parentc6089735e7243a10faad676680c6e18d50959f74commit | diff
audit: Limit audit requests to processes in the initial pid and user namespaces.

This allows the code to safely make the assumption that all of the
uids gids and pids that need to be send in audit messages are in the
initial namespaces.

If someone cares we may lift this restriction someday but start with
limiting access so at least the code is always correct.

Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
kernel/audit.c diff | blob | blame | history