Re: [PATCH] (for 2.3.99pre6) audit_ids system calls

• Next message: Jeff Garzik: "Re: [PATCH] 2.3.99pre7-1 - From dev->resource[x].start to pci_resource_start(dev, x)"
• Previous message: Jes Sorensen: "Re: [PATCH] 2.3.99pre7-1 - From dev->resource[x].start to pci_resource_start(dev, x)"
• In reply to: Linda Walsh: "Re: [PATCH] (for 2.3.99pre6) audit_ids system calls"
• Next in thread: Linda Walsh: "Re: [PATCH] (for 2.3.99pre6) audit_ids system calls"
• Reply: Linda Walsh: "Re: [PATCH] (for 2.3.99pre6) audit_ids system calls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Linda Walsh writes the following:
> The bug is that any major commercial operating system provides
>at least "C2" or "CAPP" level 'trust' (including MS NT). One of the requirements for this level of 'trust' is that audit actions be able to be
>written corresponding to the appropriate 'authenticated' (as in they
>gave a "password" (literal password or other biometric)). Currently,
>none of the uid values can be guaranteed to remain constant for
>a login session. Thus the luid fix.

So finally, you admit CAPP is a bug :)

And why again does the "literal password" supplied at the su password prompt
not count?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Jeff Garzik: "Re: [PATCH] 2.3.99pre7-1 - From dev->resource[x].start to pci_resource_start(dev, x)"
• Previous message: Jes Sorensen: "Re: [PATCH] 2.3.99pre7-1 - From dev->resource[x].start to pci_resource_start(dev, x)"
• In reply to: Linda Walsh: "Re: [PATCH] (for 2.3.99pre6) audit_ids system calls"
• Next in thread: Linda Walsh: "Re: [PATCH] (for 2.3.99pre6) audit_ids system calls"
• Reply: Linda Walsh: "Re: [PATCH] (for 2.3.99pre6) audit_ids system calls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun May 07 2000 - 21:00:10 EST