Re: [RFC PATCH] sched: only issue an audit on privileged operation

On Tue, Sep 8, 2020 at 12:26 PM wrote: > On Fri, Sep 04, 2020 at 06:00:31PM +0200, Christian Göttsche wrote: > > sched_setattr(2) does via kernel/sched/core.c:__sched_setscheduler() > > issue a CAP_SYS_NICE audit event unconditionally, even when the requested > > operation does not require that

Re: [RFC PATCH] sched: only issue an audit on privileged operation

On Fri, Sep 04, 2020 at 06:00:31PM +0200, Christian Göttsche wrote: > sched_setattr(2) does via kernel/sched/core.c:__sched_setscheduler() > issue a CAP_SYS_NICE audit event unconditionally, even when the requested > operation does not require that capability / is un-privileged. > > Perform

[RFC PATCH] sched: only issue an audit on privileged operation

sched_setattr(2) does via kernel/sched/core.c:__sched_setscheduler() issue a CAP_SYS_NICE audit event unconditionally, even when the requested operation does not require that capability / is un-privileged. Perform privilged/unprivileged catigorization first and perform a capable test only if