diff options
author | Eric Paris <eparis@redhat.com> | 2012-01-03 14:23:08 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-01-17 16:17:01 -0500 |
commit | 02d86a568c6d2d335256864451ac8ce781bc5652 (patch) | |
tree | 3ef085bd96cc79733cff28993379dbbd4b855813 /scripts | |
parent | 29ef73b7a823b77a7cd0bdd7d7cded3fb6c2587b (diff) | |
download | kernel_goldelico_gta04-02d86a568c6d2d335256864451ac8ce781bc5652.zip kernel_goldelico_gta04-02d86a568c6d2d335256864451ac8ce781bc5652.tar.gz kernel_goldelico_gta04-02d86a568c6d2d335256864451ac8ce781bc5652.tar.bz2 |
audit: allow interfield comparison in audit rules
We wish to be able to audit when a uid=500 task accesses a file which is
uid=0. Or vice versa. This patch introduces a new audit filter type
AUDIT_FIELD_COMPARE which takes as an 'enum' which indicates which fields
should be compared. At this point we only define the task->uid vs
inode->uid, but other comparisons can be added.
Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions