diff options
author | Miloslav Trmac <mitr@redhat.com> | 2008-04-18 13:30:14 -0700 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2008-04-28 06:28:24 -0400 |
commit | 41126226e186d92a45ed664e546abb5204588359 (patch) | |
tree | cd31de9587e81b01934fe95e574be109dd0129c7 /security/smack | |
parent | 7719e437fac119e57b17588bab3a8e39ff9d22eb (diff) | |
download | linux-stable-41126226e186d92a45ed664e546abb5204588359.tar.gz linux-stable-41126226e186d92a45ed664e546abb5204588359.tar.bz2 linux-stable-41126226e186d92a45ed664e546abb5204588359.zip |
[patch 1/2] audit: let userspace fully control TTY input auditing
Remove the code that automatically disables TTY input auditing in processes
that open TTYs when they have no other TTY open; this heuristic was
intended to automatically handle daemons, but it has false positives (e.g.
with sshd) that make it impossible to control TTY input auditing from a PAM
module. With this patch, TTY input auditing is controlled from user-space
only.
On the other hand, not even for daemons does it make sense to audit "input"
from PTY masters; this data was produced by a program writing to the PTY
slave, and does not represent data entered by the user.
Signed-off-by: Miloslav Trmac <mitr@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'security/smack')
0 files changed, 0 insertions, 0 deletions