Re: security_task_getsecid() and subjective vs objective task creds

On Fri, Feb 19, 2021 at 9:55 PM James Morris wrote: > On Thu, 18 Feb 2021, Paul Moore wrote: > > > Hi all, > > > > When looking into a problem I noticed that audit was recording the > > wrong subject label for a process. > > Is this a public bug? It would be good to know what the extent of this >

Re: [RFC PATCH 1/4] lsm: separate security_task_getsecid() into subjective and objective variants

On Fri, Feb 19, 2021 at 9:57 PM James Morris wrote: > On Fri, 19 Feb 2021, Paul Moore wrote: > > diff --git a/drivers/android/binder.c b/drivers/android/binder.c > > index c119736ca56ac..39d501261108d 100644 > > --- a/drivers/android/binder.c > > +++ b/drivers/android/binder.c > > @@ -2700,7

Re: [RFC PATCH 0/4] Split security_task_getsecid() into subj and obj variants

On Fri, Feb 19, 2021 at 8:49 PM Casey Schaufler wrote: > On 2/19/2021 3:28 PM, Paul Moore wrote: > > As discussed briefly on the list (lore link below), we are a little > > sloppy when it comes to using task credentials, mixing both the > > subjective and object credentials. This patch set