summaryrefslogtreecommitdiffstats
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2006-09-28 17:46:21 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2006-10-04 08:31:16 -0400
commit4b8a311bb161a3bd2ab44311f42c526b6dc76270 (patch)
treea2a269d8292ebcb8020c6748dad340bf74566979 /kernel/auditsc.c
parent78b656b8bf933101b42409b4492734b23427bfc3 (diff)
downloadlinux-4b8a311bb161a3bd2ab44311f42c526b6dc76270.tar.gz
linux-4b8a311bb161a3bd2ab44311f42c526b6dc76270.tar.bz2
linux-4b8a311bb161a3bd2ab44311f42c526b6dc76270.zip
[PATCH] arch filter lists with < or > should not be accepted
Currently the kernel audit system represents arch's as numbers and will gladly accept comparisons between archs using >, <, >=, <= when the only thing that makes sense is = or !=. I'm told that the next revision of auditctl will do this checking but this will provide enforcement in the kernel even for old userspace. A simple command to show the issue would be to run auditctl -d entry,always -F arch>i686 -S chmod with this patch the kernel will reject this with -EINVAL Please comment/ack/nak as soon as possible. -Eric kernel/auditfilter.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'kernel/auditsc.c')
0 files changed, 0 insertions, 0 deletions