On Fri, May 05, 2006 at 04:59:49PM -0400, Linda Knippers wrote: > Steve Grubb wrote: > > This patch deletes the context string out of this record. Are we losing > > anything important? > > I don't think so. I don't think the IPC_SET operations change the sid > (at least I don't see it in the code) so its redundant with the obj > information > that's in the IPC record. If I'm missing it, I hope someone will point > it out to me.
I agree that it's redundant. This is the sub-record that describes the requested changes to object properties, and any information that can't be changed through IPC_SET doesn't need to be in it. The information about the current state of the object and subject is in separate sub-records. -Klaus -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
