On Sat, Mar 14, 2020 at 6:42 PM Richard Guy Briggs <[email protected]> wrote: > On 2020-03-13 12:47, Paul Moore wrote:
... > > It has been a while since I last looked at the patchset, but my > > concern over the prefered use of the ACID number vs the ACID object is > > that the number offers no reuse protection where the object does. I > > really would like us to use the object everywhere it is possible. > > Ok, so I take it from this that I go ahead with the dual format since > the wrapper funciton to convert from object to ID strips away object > information negating any benefit of favouring the object pointer. I'll > look at the remaining calls that use a contid (rather than contobj) and > convert all that I can over to storing an object using the dual counters > that track process exits versus signal2 and trace references. Well, as I said in the other thread, I'm not sure we need a full two counters; I think one counter and a simple flag should suffice. Otherwise that sounds good for the next iteration. -- paul moore www.paul-moore.com -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
