Audit support for file capabilities

From:  Eric Paris <eparis@redhat.com>
To:  linux-kernel@vger.kernel.org, linux-audit@redhat.com
Subject:  [PATCH 0/4] Audit support for file capabilities
Date:  Mon, 20 Oct 2008 18:25:57 -0400
Message-ID:  <20081020222538.3895.50175.stgit@paris.rdu.redhat.com>
Cc:  viro@zeniv.linux.org.ok.redhat.com, morgan@kernel.org

The following series implements audit support for file capabilities.  Audit
emits relevant fcaps info for all path records, any time fcaps actually
escalate permissions, and we now print the arguments to sys_capset for when a
process tries to modify cap info.

---

Eric Paris (4):
      AUDIT: emit new record type showing all capset information
      AUDIT: audit when fcaps increase the permitted or inheritable capabilities
      AUDIT: output permitted and inheritable fcaps in PATH records
      CAPABILITIES: add cpu endian vfs caps structure


 include/linux/audit.h      |   22 +++++
 include/linux/capability.h |   12 +++
 kernel/auditsc.c           |  201 +++++++++++++++++++++++++++++++++++++++++++-
 kernel/capability.c        |    3 +
 security/commoncap.c       |  131 ++++++++++++++++-------------
 5 files changed, 308 insertions(+), 61 deletions(-)
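
An added example, not part of the posting or the patch series: a triage script that reads audit PATH records and decodes the file capability masks the cover letter describes. The field names `cap_fp`, `cap_fi` and `cap_fe` and the hex mask layout are assumed from the PATH record format of current kernels (the page does not show them), and the log lines are constructed.

```python
import re

# Capability bit numbers from include/uapi/linux/capability.h (subset).
CAP_NAMES = {
    0: "cap_chown", 1: "cap_dac_override", 6: "cap_setgid", 7: "cap_setuid",
    12: "cap_net_admin", 13: "cap_net_raw", 19: "cap_sys_ptrace",
    21: "cap_sys_admin",
}
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_record(line):
    """Split one audit record into a key -> value dict, unquoting values."""
    return {k: v.strip('"') for k, v in FIELD.findall(line)}

def decode_caps(hex_mask):
    """Turn a hex capability mask into a list of capability names."""
    mask = int(hex_mask, 16)
    return [CAP_NAMES.get(b, f"cap_{b}") for b in range(64) if mask >> b & 1]

def files_with_fcaps(lines):
    """Return PATH records whose file carries permitted or inheritable caps."""
    findings = []
    for line in lines:
        rec = parse_record(line)
        if rec.get("type") != "PATH":
            continue
        # Assumed field names; a record without them is treated as no fcaps.
        permitted = decode_caps(rec.get("cap_fp", "0"))
        inheritable = decode_caps(rec.get("cap_fi", "0"))
        if permitted or inheritable:
            findings.append({"name": rec.get("name"), "permitted": permitted,
                             "inheritable": inheritable,
                             "effective": rec.get("cap_fe") == "1"})
    return findings

# Constructed sample records, not captured from a real system.
SAMPLE = [
    'type=SYSCALL msg=audit(1224541557.000:101): syscall=59 exe="/bin/ping"',
    'type=PATH msg=audit(1224541557.000:101): item=0 name="/bin/ping" '
    'mode=0100755 ouid=0 ogid=0 cap_fp=0000000000002000 '
    'cap_fi=0000000000000000 cap_fe=1 cap_fver=2',
    'type=PATH msg=audit(1224541558.000:102): item=0 name="/bin/ls" '
    'mode=0100755 ouid=0 ogid=0',
    'type=PATH msg=audit(1224541559.000:103): item=0 name="/opt/helper" '
    'mode=0100755 ouid=0 ogid=0 cap_fp=0000000000200080 cap_fi=0 cap_fe=1',
]

if __name__ == "__main__":
    for hit in files_with_fcaps(SAMPLE):
        print(hit)
```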

