Hi Russell, This discussion is probably best held on the linux-audit mail list since you are possibly suggesting changing the behavior of the audit system. http://www.redhat.com/mailman/listinfo/linux-audit >He suggested that we consider doing what the C2 pack for SunOS apparently >used to do (and what presumably some module of Trusted Solaris still does) in >regard to the auid. Why? The current design is that only entry point programs set the login uid (auid). It works per the design. I don't really understand what problem you see. >In the SunOS case it was apparently impossible to reset the auid, not even root >can do so. Setting the login uid is supposed to be protected by SE Linux policy so that only the right apps can do it. In this whole email, you never specified what problem you see. -Steve __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list