[RFC PATCH v2 0/9] Add LSM access controls and auditing to io_uring

Steve Grubb sgrubb at redhat.com
Wed Sep 15 13:02:12 UTC 2021

On Wednesday, September 15, 2021 8:29:08 AM EDT Richard Guy Briggs wrote:
> I was in the middle of reviewing the v2 patchset to add my acks when I
> forgot to add the comment that you still haven't convinced me that ses=
> isn't needed or relevant if we are including auid=.

The session id is needed to disambiguate which login the event belongs to. It 
is necessary sometimes to trace an event back to the login because it was a 
remote login from an unexpected IP address.


More information about the Linux-security-module-archive mailing list