[RFC PATCH] sched: only issue an audit on privileged operation

peterz at infradead.org peterz at infradead.org
Tue Sep 8 10:25:37 UTC 2020


On Fri, Sep 04, 2020 at 06:00:31PM +0200, Christian Göttsche wrote:
> sched_setattr(2) does via kernel/sched/core.c:__sched_setscheduler()
> issue a CAP_SYS_NICE audit event unconditionally, even when the requested
> operation does not require that capability / is un-privileged.
> 
> Perform privilged/unprivileged catigorization first and perform a
> capable test only if needed.
> 
> Signed-off-by: Christian Göttsche <cgzones at googlemail.com>
> ---
>  kernel/sched/core.c | 65 ++++++++++++++++++++++++++++++++-------------
>  1 file changed, 47 insertions(+), 18 deletions(-)

So who sodding cares about audit, and why is that a reason to make a
trainwreck of code?



More information about the Linux-security-module-archive mailing list