__AUDIT_LOG_BPRM_FCA(9) Audit Interfaces __AUDIT_LOG_BPRM_FCA(9)

NAME

__audit_log_bprm_fcaps - store information about a loading bprm and relevant fcaps

SYNOPSIS

int __audit_log_bprm_fcaps(struct linux_binprm * bprm, const struct cred * new, const struct cred * old);

ARGUMENTS

struct linux_binprm * bprm

pointer to the bprm being processed

const struct cred * new

the proposed new credentials

const struct cred * old

the old credentials

DESCRIPTION

Simply check if the proc already has the caps given by the file and, if not, store the priv escalation info for later auditing at the end of the syscall.

-Eric
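
The check-then-defer behaviour described above, as a user-space model added here for illustration; it is not the kernel's implementation. Every type and function name in it (`capset`, `cred_model`, `bprm_model`, `fcaps_aux`, `audit_ctx_model`, `log_bprm_fcaps_model`, `audit_syscall_exit_model`) is hypothetical, and capability sets are reduced to a single 64-bit mask.

```c
/* User-space model only: all names below are hypothetical, not kernel APIs. */
#include <stdint.h>
#include <stdlib.h>
#include <errno.h>

typedef uint64_t capset;                      /* one bit per capability (model) */

struct cred_model { capset permitted; };      /* stands in for struct cred */
struct bprm_model { capset file_permitted; }; /* file caps of the loading binary */

struct fcaps_aux {                            /* record held until syscall exit */
    capset file_permitted, old_permitted, new_permitted;
    struct fcaps_aux *next;
};

struct audit_ctx_model { struct fcaps_aux *aux; }; /* per-syscall audit state */

/* Returns 0 if nothing needed storing or the record was stored, -ENOMEM otherwise. */
int log_bprm_fcaps_model(struct audit_ctx_model *ctx, const struct bprm_model *bprm,
                         const struct cred_model *new, const struct cred_model *old)
{
    /* The process already holds every cap the file grants: nothing to record. */
    if ((bprm->file_permitted & ~old->permitted) == 0)
        return 0;

    struct fcaps_aux *ax = malloc(sizeof(*ax));
    if (!ax)
        return -ENOMEM;
    ax->file_permitted = bprm->file_permitted;
    ax->old_permitted = old->permitted;
    ax->new_permitted = new->permitted;
    ax->next = ctx->aux;                      /* deferred: emitted at syscall exit */
    ctx->aux = ax;
    return 0;
}

/* Syscall-exit step: drain stored records, return how many show gained caps. */
int audit_syscall_exit_model(struct audit_ctx_model *ctx)
{
    int escalations = 0;
    while (ctx->aux) {
        struct fcaps_aux *ax = ctx->aux;
        ctx->aux = ax->next;
        if (ax->new_permitted & ~ax->old_permitted)
            escalations++;
        free(ax);
    }
    return escalations;
}
```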

COPYRIGHT

July 2017 Kernel Hackers Manual 4.11