On Wednesday 13 December 2006 11:00, Karl MacMillan wrote:
> Is there a reason that the audit tools that take a file name paramater
> (-if) are not executable by non-root users?
Current tools do not.
[root src]# grep getuid *.c
auditctl.c: if (getuid() != 0) {
auditctl.c: if (getuid() != 0) {
Must be root to send netlink
auditd.c: if (getuid() != 0) {
Must be root to read netlink
autrace.c: if (getuid() != 0) {
Must be root to write to netlink.
-Steve
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
