Re: [PATCH 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

Quoting Tyler Hicks (tyhi...@canonical.com): > The capability check should not be audited since it is only being used > to determine the inode permissions. A failed check does not indicate a > violation of security policy but, when an LSM is enabled, a denial audit > message was being generated. >

Re: [PATCH 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

Quoting Tyler Hicks (tyhi...@canonical.com): > The capability check should not be audited since it is only being used > to determine the inode permissions. A failed check does not indicate a > violation of security policy but, when an LSM is enabled, a denial audit > message was being generated. >

[PATCH 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

The capability check should not be audited since it is only being used to determine the inode permissions. A failed check does not indicate a violation of security policy but, when an LSM is enabled, a denial audit message was being generated. The denial audit message caused confusion for some

[PATCH 2/2] net: Use ns_capable_noaudit() when determining net sysctl permissions

The capability check should not be audited since it is only being used to determine the inode permissions. A failed check does not indicate a violation of security policy but, when an LSM is enabled, a denial audit message was being generated. The denial audit message caused confusion for some